China-Linked Cyber Espionage: Velvet Ant’s Three-Year Infiltration of East Asian Organization Exposed
Velvet Ant, a suspected China-nexus cyber espionage actor, infiltrated an East Asian organization for three years using legacy F5 BIG-IP appliances. Cybersecurity firm Sygnia’s recent findings highlight Velvet Ant’s sophisticated tactics, including the use of PlugX malware and disabling endpoint security. The threat actor’s persistence…

Hot Take:
When it comes to sneaky cyber espionage, “Velvet Ant” makes James Bond look like a clumsy intern spilling coffee on his keyboard. With three years of undercover activity and a flair for turning outdated servers into their personal playground, these cyber spies deserve an Oscar for Best Adaptation in a Thriller.
Key Points:
- Velvet Ant targeted an unnamed East Asian organization for three years using legacy F5 BIG-IP appliances.
- The attack involved sophisticated use of the PlugX backdoor and the DLL side-loading technique.
- Endpoint security software was disabled using open-source tools like Impacket.
- Two versions of PlugX were deployed: one for endpoints with internet access and another for internal servers.
- Forensic analysis revealed additional tools like PMCD and EarthWorm, commonly associated with other Chinese cyber espionage groups.