China-linked UNC4191 APT relies on USB Devices in attacks against entities in the Philippines


The attackers leveraged legitimately signed binaries to side-load malware. Experts observed the use of three new families, tracked by Mandiant as MISTCLOAK, DARKDEW, and BLUEHAZE.

Details of these malware families are reported below:

| Malware Family | Description |
| --- | --- |
| MISTCLOAK | MISTCLOAK is a launcher written in C++ that executes an encrypted executable payload stored in a file on disk. |
| BLUEHAZE | BLUEHAZE is a launcher written in C/C++ that launches a copy of NCAT to create a reverse shell to a hardcoded command and control (C2). |
