Confucius Espionage: From Stealer to Backdoor


The Confucius group is a long-running cyber-espionage actor operating primarily across South Asia. First identified in 2013, the group is believed to have links to state-sponsored operations in the region.

Over the past decade, Confucius has repeatedly targeted government agencies, military organizations, defense contractors, and critical industries—especially in Pakistan—using spear-phishing and malicious documents as initial access vectors. Recent campaigns have highlighted a sharp evolution in tactics, shifting from document stealers like WooperStealer to Python-based backdoors such as AnonDoor.

Read more…
Source: Fortinet


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • NSA Advocates Data Sharing Framework

    June 23, 2017

    The economics of cybersecurity are skewed in favor of attackers, who invest once and can launch thousands of attacks with a piece of malware or exploit kit. That’s why Neal Ziring, technical director for the NSA’s Capabilities Directorate, wants to flip the financial equation on bad guys. “We need to conduct defenses in a way that ...