Deep Panda has launched new attacks this month that exploit Log4Shell to deploy the new Fire Chili rootkit.
Deep Panda is a Chinese advanced persistent threat (APT) hacking group that has been active for at least a decade. The APT targets government, defense, healthcare, telecoms, and financial organizations, to name a few, for purposes including data theft and surveillance.
The cyberattackers have a wide range of malicious tools, including the Milestone backdoor and the Infoadmin Remote Access Trojan (RAT), which is based on Gh0st RAT code. The group may also be affiliated with Winnti, a separate Chinese group known to target game developers and vendors.
Source: ZDNet