Security News > 2021 > July > Chinese cyberspies’ wide-scale APT campaign hits Asian govt entities
Kaspersky researchers have revealed an ongoing and large-scale advanced persistent threat campaign with hundreds of victims from Southeast Asia, including Myanmar and the Philippines government entities.
While analyzing LuminousMoth's cyberespionage attacks against several Asian government entities that started since at least October 2020, Kaspersky researchers discovered a total of 100 victims in Myanmar and 1,400 in the Philippines.
"The massive scale of the attack is quite rare. It's also interesting that we've seen far more attacks in the Philippines than in Myanmar," Kaspersky GReAT security researcher Aseel Kayal said.
After being executed on a victim's device, the malware tries to make its way onto other systems via removable USB drives together with files stolen from already compromised computers.
If a drive is found, the malware creates hidden directories on the drive where it then moves all of the victim's files, along with the malicious executables.
Further technical details and a list of indicators of compromise, including malware hashes and C2 domains, can be found at the end of Kaspersky's report.