Advertisement
Top
image credit: Unsplash

China-linked Moshen Dragon abuses security software to sideload malware

May 3, 2022

Via: Security Affairs
Category:

A China-linked APT group, tracked as Moshen Dragon, has been observed targeting the telecommunication sector in Central Asia with ShadowPad and PlugX malware, SentinelOne warns.

Both PlugX and ShadowPad malware are very common among China-linked cyberespionage groups.

Experts observed overlap between the TTPs of the Moshen Dragon group with the ones of the Chinese Nomad Panda (aka RedFoxtrot).

RedFoxtrot has been active since at least 2014 and focused on gathering military intelligence from neighboring countries, it is suspected to work under the PLA China-linked Unit 69010.

Read More on Security Affairs

RELATED PUBLICATIONS

Dangerous ICS Malware Targets Orgs in Russia and Ukraine
Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets
TA547 targets German organizations with Rhadamanthys malware

Latest Publications

The importance of the Vulnerability Operations Centre for cybersecurity
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
FIN7 targeted a large U.S. carmaker with phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!