When Allies Attack: Chinese Hackers APT31 & APT27 Target Russian Systems in EastWind Cyber Offensive

Chinese hackers APT31 and APT27 are wreaking havoc on Russian systems in the latest cyberespionage campaign, EastWind. Using a revamped CloudSorcerer backdoor, the attack employs phishing emails and sneaky DLL side loading to drop malware like GrewApacha and PlugY. Kaspersky’s findings underscore the complex cyber…

Hot Take:

So, it turns out that while Russia and China might be BFFs on the world stage, their hackers are frenemies in the digital underworld. Nothing says “I value our relationship” quite like a good old-fashioned cyberespionage campaign. Who needs soap operas when you’ve got international cyber drama?

Key Points:

  • Chinese hacker groups APT31 and APT27 are behind the “EastWind” cyberattacks targeting Russian government and IT systems.
  • The campaign uses an updated CloudSorcerer backdoor, also seen in attacks on U.S. entities.
  • Phishing emails with RAR attachments are the main infection vector.
  • Kaspersky identified multiple malware tools, including GrewApacha, CloudSorcerer, and the new PlugY backdoor.
  • Detection is tricky due to varied backdoors and sophisticated evasion techniques.
