Chinese hackers Deep Panda return with Log4Shell exploits, new Fire Chili rootkit

Deep Panda has launched new attacks this month that exploit Log4Shell to deploy the new Fire Chili rootkit.

Deep Panda is a Chinese advanced persistent threat (APT) hacking group that has been active for at least a decade. The APT targets government, defense, healthcare, telecoms, and financial organizations, to name a few, for purposes including data theft and surveillance.

The cyberattackers have a wide range of malicious tools, including the Milestone backdoor and the Infoadmin Remote Access Trojan (RAT), which is based on Gh0st RAT code. The group may also be affiliated with Winnti, a separate Chinese group known to target game developers and vendors.

Source: ZDNet