Security News > 2025 > February > RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset
2025-02-13 11:58
An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, raising the possibility that the threat actor may be moonlighting as a ransomware player in an individual capacity. "During the attack in late 2024, the attacker deployed a distinct toolset that had
News URL
https://thehackernews.com/2025/02/hackers-exploited-pan-os-flaw-to-deploy.html
Related news
- Chinese espionage tools deployed in RA World ransomware attack (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks (source)
- Lee Enterprises newspaper disruptions caused by ransomware attack (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)