Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
China-Linked Cyber Spies Infiltrate Russian Systems: Malware Mayhem Unleashed
Cyber-spies suspected of Chinese connections have infected Russian government computers with backdoors and trojans, according to Kaspersky. Dubbed EastWind, the attacks involve malware linked to APT27 and APT31. Using phishing emails, the spies deployed trojans like GrewApacha and CloudSorcerer, leveraging cloud services as command-and-control servers.
Hot Take:
Who knew that Russia’s cyber snoops would be the ones getting snooped on? It’s like a spy movie where James Bond gets hacked by Q, except Q is a Chinese APT group and Bond is… well, let’s just say he needs to update his antivirus software.
Key Points:
- Chinese APT groups APT27 and APT31 are suspected to be behind the EastWind attacks targeting Russian government agencies and IT providers.
- Attackers used phishing emails with RAR attachments to infect devices with backdoors and trojans.
- Cloud services like GitHub, Dropbox, Quora, and LiveJournal were utilized as command-and-control servers.
- Key malware involved includes GrewApacha and CloudSorcerer, with the latter being updated to use new C2 methods.
- New implant dubbed PlugY discovered, capable of extensive spying activities.
Already a member? Log in here