Security News > 2023 > August > New HiatusRAT malware attacks target US Defense Department
In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in what researchers described as a reconnaissance attack.
The website's affiliation with contract proposals suggests that the attackers might be seeking publicly accessible information about military requisites or trying to find information on Defense Industrial Base-affiliated organizations.
U.S. organizations have also been recently targeted in attacks linked to other Chinese-backed threat groups, including Volt Typhoon and Storm-0558.
"We suspect the HiatusRAT cluster serves as another example of tradecraft that could be applied against the U.S. Defense Industrial Base with a sense of impunity. We recommend defense contractors exercise caution and monitor their networking devices for the presence of HiatusRAT," Lumen concluded.
New malware infects business routers for data theft, surveillance.
FIN8 cybercrime gang backdoors US orgs with new Sardonic malware.
News URL
Related news
- Vodka maker Stoli files for bankruptcy in US after ransomware attack (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US names Chinese national it alleges was behind 2020 attack on Sophos firewalls (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)
- FBI spots HiatusRAT malware attacks targeting web cameras, DVRs (source)