image credit: Pexels

Chinese Hackers Targeting European Entities with New MQsTTang Backdoor

March 3, 2023

The China-aligned Mustang Panda actor has been observed using a hitherto unseen custom backdoor called MQsTTang as part of an ongoing social engineering campaign that commenced in January 2023.

“Unlike most of the group’s malware, MQsTTang doesn’t seem to be based on existing families or publicly available projects,” ESET researcher Alexandre Côté Cyr said in a new report.

Attack chains orchestrated by the group have stepped up targeting of European entities in the wake of Russia’s full-scale invasion of Ukraine last year. The victimology of the current activity is unclear, but the Slovak cybersecurity company said the decoy filenames are in line with the group’s previous campaigns that target European political organizations.

Read More on The Hacker News