Threat Intelligence
Europe subjected to mounting Chinese APT intrusions

Chinese advanced persistent threat groups escalated cyberespionage attacks against industrial and government organizations across Europe between October and March, according to GBHackers News.
Mustang Panda, among the most prominent Chinese threat operations during that period, launched intrusions involving Korplug loaders and malicious USB drives to stealthily compromise government entities and maritime transportation firms, according to findings from ESET's APT Activity Report. The DigitalRecyclers group also compromised EU government agencies in attacks that deployed the HydroRShell, RClient, and GiftBox payloads, while a Central European government organization was compromised with the new NanoSlate backdoor in an attack by the PerplexedGoblin gang. Other China-aligned APTs have also employed advanced attack techniques, including Worok, which used the Sonifake, HDMan, and PhantomNet toolsets in its intrusions. The findings indicate the adaptive nature of Chinese APTs, which should prompt the implementation of more robust endpoint security systems and threat intelligence sharing activities, said ESET researchers.