Security News > 2023 > August > New HiatusRAT malware attacks target US Defense Department

In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in what researchers described as a reconnaissance attack.
The website's affiliation with contract proposals suggests that the attackers might be seeking publicly accessible information about military requisites or trying to find information on Defense Industrial Base-affiliated organizations.
U.S. organizations have also been recently targeted in attacks linked to other Chinese-backed threat groups, including Volt Typhoon and Storm-0558.
"We suspect the HiatusRAT cluster serves as another example of tradecraft that could be applied against the U.S. Defense Industrial Base with a sense of impunity. We recommend defense contractors exercise caution and monitor their networking devices for the presence of HiatusRAT," Lumen concluded.
New malware infects business routers for data theft, surveillance.
FIN8 cybercrime gang backdoors US orgs with new Sardonic malware.
News URL
Related news
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations (source)
- Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks (source)
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More (source)
- US defense contractor cops to sloppy security, settles after infosec lead blows whistle (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- Open-source malware doubles, data exfiltration attacks dominate (source)