LuoYu APT Delivers WinDealer Malware Via Man-on-the-side Attacks

This article has been indexed from

CySecurity News – Latest Information Security and Hacking Incidents


An “extremely sophisticated” Chinese-speaking advanced persistent threat (APT) actor known as LuoYu has been observed using a malicious Windows application called WinDealer, delivered through man-on-the-side attacks.
In a new report, Russian cybersecurity company Kaspersky said, “This groundbreaking development allows the actor to modify network traffic in-transit to insert malicious payloads. Such attacks are especially dangerous and devastating because they do not require any interaction with the target to lead to successful infection.” 
Organisations targeted by LuoYu, which has been active since 2008, are primarily foreign diplomatic organisations based in China and members of the academic community, as well as financial, defence, logistics, and telecommunications firms. Taiwanese cybersecurity firm TeamT5 first reported LuoYu’s use of WinDealer at the Japan Security Analyst Conference (JSAC) in January 2021.
Later attack campaigns targeted Japanese businesses, with isolated infections recorded in Austria, Germany, India, Russia, and the United States. PlugX and its successor ShadowPad, both of which have been used by a number of Chinese threat actors in support of their strategic objectives, are also part of the adversary’s malware arsenal. The actor is also known to target Linux, macOS, and Android devices.
WinDeale

[…]