Security News > 2022 > August > Chinese hackers use new Cobalt Strike-like attack framework
Researchers have observed a new post-exploitation attack framework used in the wild, named Manjusaka, which can be deployed as an alternative to the widely abused Cobalt Strike toolset or parallel to it for redundancy.
Its RAT implants support command execution, file access, network reconnaissance, and more, so hackers can use it for the same operational goals as Cobalt Strike.
"Cisco Talos recently discovered a new attack framework called"Manjusaka" being used in the wild that has the potential to become prevalent across the threat landscape.
This framework is advertised as an imitation of the Cobalt Strike framework," warns the Cisco Talos researchers.
"This new attack framework contains all the features that one would expect from an implant it is written in the most modern and portable programming languages."
Threat actors are expected to continue moving away from Cobalt Strike gradually, and many alternative attack frameworks will likely appear, attempting to grow into the new market opportunity.
News URL
Related news
- Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware (source)
- Hackers deploy AI-written malware in targeted attacks (source)
- Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign (source)
- N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks (source)
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption (source)
- Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- US says Chinese hackers breached multiple telecom providers (source)