A Chinese hacker tracked under the moniker Webworm has been linked to multiple Windows-based remote-access Trojans, some of which are believed to be in the experimentation phase.
Threat analysts from Symantec, part of Broadcom Software, said “the group has developed customized versions of three older remote access trojans (RATs), including Trochilus RAT, Gh0st RAT, and 9002 RAT.”
The researchers stated at least one of the indicators of compromise (IOCs) was employed in a cyber assault against an IT service vendor operating in several Asian nations.
It’s worth noting that all three backdoors are mainly linked to Chinese hackers such as Stone Panda (APT10), Aurora Panda (APT17), Emissary Panda (APT27), and Judgement Panda (APT31), among others, although they have been utilized by other hacking groups.
Symantec said the Webworm hacker group e
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: