According to Trend Micro’s report, the primary targets of the phishing attacks, between May and October 2022 included entities of countries of the Asia Pacific region like Myanmar, Australia, The Philippines, Japan, and Taiwan.
Mustang Panda, also known as Bronze President, Earth Preta, HoneyMyte, or Red Lich, is an espionage threat actor based in China. The group is said to be active since July 2018 and is known for utilizing malware like China Chopper and PlugX in order to obtain data illegally.
Attributes of the Phishing Attack
The attacks involve spear-phishing emails and messages distributed via Google accounts. The fraudulent emails enticed target users, deceiving them into downloading malicious custom malware through the Google drive links.
During the investigation, researchers found that Mustang Panda used messages consisting of geopolitical subjects, with around 84% of the attacks being targeted at governmental/ legal organizations.
The attached link apparently directed the target users to a Google Drive or Dropbox folder, in order to evade suspicion. Furthermore, the link directed users to download RAR, ZIP, and JAR compre
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: