Security News > 2023 > February > Hydrochasma: New Threat Actor Targets Shipping Companies and Medical Labs in Asia
Shipping companies and medical laboratories in Asia have been the subject of a suspected espionage campaign carried out by a never-before-seen threat actor dubbed Hydrochasma.
The standout aspects of the campaign is the absence of data exfiltration and custom malware, with the threat actor employing open source tools for intelligence gathering.
From there, the attackers have been observed deploying a trove of tools like Fast Reverse Proxy, Meterpreter, Cobalt Strike Beacon, Fscan, BrowserGhost, and Gost proxy.
"The tools deployed by Hydrochasma indicate a desire to achieve persistent and stealthy access to victim machines, as well as an effort to escalate privileges and spread laterally across victim networks," the researchers said.
In October 2021, Positive Technologies disclosed attacks mounted by ChamelGang that involved using the tool to control compromised hosts.
Hydrochasma is not the only threat actor in recent months to completely eschew bespoke malware.
News URL
https://thehackernews.com/2023/02/hydrochasma-new-threat-actor-targets.html