May 23, 2016
A cyber-espionage group tied to China and called Ke3chang has resurfaced with new attacks and utilizing new malware in its operations, called TidePool.
The activities of the Ke3chang group came to light in December 2013, when FireEye researchers discovered the group targeting five European ministries of foreign affairs just before the G20 Summit that took place in September in Russia that year.
FireEye reported that the group used spear-phishing campaigns related to the Syrian conflict to distribute the BS2005 RAT (Remote Access Trojan). After that, the group’s activity shut down.