The threat actors behind the HiatusRAT malware have returned from their hiatus with a new wave of reconnaissance and targeting activity aimed at Taiwan-based organizations and a U.S. military procurement system.
Besides recompiling malware samples for different architectures, the artifacts are said to have been hosted on new virtual private servers (VPSs), Lumen Black Lotus Labs said in a report published last week.
The cybersecurity firm described the activity cluster as “brazen” and “one of the most audacious,” indicating no signs of slowing down. The identity and the origin of the threat actors are presently unknown.
