Security News > 2023 > August > New HiatusRAT malware attacks target US Defense Department
In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in what researchers described as a reconnaissance attack.
The website's affiliation with contract proposals suggests that the attackers might be seeking publicly accessible information about military requisites or trying to find information on Defense Industrial Base-affiliated organizations.
U.S. organizations have also been recently targeted in attacks linked to other Chinese-backed threat groups, including Volt Typhoon and Storm-0558.
"We suspect the HiatusRAT cluster serves as another example of tradecraft that could be applied against the U.S. Defense Industrial Base with a sense of impunity. We recommend defense contractors exercise caution and monitor their networking devices for the presence of HiatusRAT," Lumen concluded.
New malware infects business routers for data theft, surveillance.
FIN8 cybercrime gang backdoors US orgs with new Sardonic malware.
News URL
Related news
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- FBI wipes Chinese PlugX malware from over 4,000 US computers (source)
- FBI deletes Chinese PlugX malware from thousands of US computers (source)
- WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites (source)
- IPany VPN breached in supply-chain attack to push custom malware (source)
- Defense strategies to counter escalating hybrid attacks (source)
- MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks (source)
- US freezes foreign aid, halting cybersecurity defense and policy funds for allies (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)