top of page

New Wave of Espionage Activity Targets Asian Governments

A distinct group of espionage attackers who were formerly associated with the ShadowPad remote access Trojan (RAT) has adopted a new, diverse toolset to mount an ongoing campaign against a range of government and state-owned organizations in a number of Asian countries. The attacks, which have been underway since at least early 2021, appear to have intelligence gathering as their main goal.

INDUSTRY: Government

MALWARE FAMILY: #HSTR:HackTool:Win32/Mimikatz

ATT&CK IDS: T1003 - OS Credential Dumping, T1574 - Hijack Execution Flow, T1046 - Network Service Scanning, T1021 - Remote Services, T1021.001 - Remote Desktop Protocol

Read More:

1 view


Commenting has been turned off.
bottom of page