Threat Intelligence

Malaysian government-linked campaign used hidden infrastructure for years

A campaign linked to a suspected Malaysian government operation has been using hidden command and control infrastructure for years, according to new findings from Oasis Security. Researchers said the activity points to a long-running espionage effort that stayed active by masking backend systems and limiting exposure to public scanning tools, as reported by HackRead.

The operation, believed to be a long-term espionage effort, has maintained its command and control infrastructure for several years by employing sophisticated techniques to avoid detection. These methods include making servers respond differently based on the type of connection, or only being accessible through specific protocols, rendering them invisible to standard internet scans. This carefully managed infrastructure shows patterns commonly associated with state-backed operations and has links to government-related networks in Malaysia.

While specific targets were not disclosed, the activity is focused on intelligence gathering. Concurrently, threat actors are increasingly abusing trusted cloud platforms like Cloudflare to host malicious payloads and phishing materials, leveraging the inherent trust in these services to bypass security filters. This trend signifies a broader shift towards using infrastructure that blends into normal internet traffic, making it harder for organizations to detect and respond to cyber threats.

Source: HackRead

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds