Security News > 2021 > April > Chinese Cyberspies Target Military Organizations in Asia With New Malware

Chinese Cyberspies Target Military Organizations in Asia With New Malware
2021-04-29 04:01

A cyber-espionage group believed to be sponsored by the Chinese government has been observed targeting military organizations in Southeast Asia in attacks involving previously undocumented malware, Bitdefender reported on Wednesday.

The group has been known to focus on government and military organizations.

Last year, after its activity was exposed, Naikon made a similar move: it switched to a new backdoor, although it continued to use previously known malware for the first stages of attack.

The latest campaign ran between June 2019 and March 2021, and one of the new backdoors, dubbed RainyDay, was first used in attacks in September 2020, Bitdefender says.

The similarities are not surprising, considering that Chinese threat actors are known to be sharing infrastructure and tools, and because Naikon was previously observed using exploits attributed to other threat groups, in an attempt to evade detection.

As part of the latest attacks, the adversary also deployed a second new backdoor called Nebulae, likely as a precautionary measure.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/x4B2lYYfTQI/chinese-cyberspies-target-military-organizations-asia-new-malware