Security News > 2022 > August > Chinese hackers use new Cobalt Strike-like attack framework

Researchers have observed a new post-exploitation attack framework used in the wild, named Manjusaka, which can be deployed as an alternative to the widely abused Cobalt Strike toolset or parallel to it for redundancy.
Its RAT implants support command execution, file access, network reconnaissance, and more, so hackers can use it for the same operational goals as Cobalt Strike.
"Cisco Talos recently discovered a new attack framework called"Manjusaka" being used in the wild that has the potential to become prevalent across the threat landscape.
This framework is advertised as an imitation of the Cobalt Strike framework," warns the Cisco Talos researchers.
"This new attack framework contains all the features that one would expect from an implant it is written in the most modern and portable programming languages."
Threat actors are expected to continue moving away from Cobalt Strike gradually, and many alternative attack frameworks will likely appear, attempting to grow into the new market opportunity.
News URL
Related news
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)
- Chinese Weaver Ant hackers spied on telco network for 4 years (source)
- Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps (source)
- Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years (source)
- Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)