Chinese Cyber Espionage Hackers Using USB Devices to Target Entities in Philippines
All images are copyrighted.
The threat intelligence and incident response firm said that the attacks led to the deployment of three new malware families dubbed MISTCLOAK, DARKDEW, BLUEHAZE, and Ncat, the latter of which is a command-line networking utility that's used to create a reverse shell on the victim system. A threat actor with a suspected China nexus has been linked to a set of espionage attacks in the Philippines that primarily relies on USB devices as an initial infection vector. An analysis of the artifacts used in the intrusions indicates that the campaign dates as far back as September 2021.
Source read time: 1 min - thehackernews.com
Also offered in: Nederlands