Security News > 2020 > November > Symantec Reports on Cicada APT Attacks against Japan
2020-11-20 12:05
Symantec is reporting on an APT group linked to China, named Cicada.
They have been attacking organizations in Japan and elsewhere.
Cicada has historically been known to target Japan-linked organizations, and has also targeted MSPs in the past.
The group is using living-off-the-land tools as well as custom malware in this attack campaign, including a custom malware - Backdoor.
Among the machines compromised during this attack campaign were domain controllers and file servers, and there was evidence of files being exfiltrated from some of the compromised machines.