Nation-state backed threat adversaries have their own preferences when it comes to malware and attack tools. Details on which tools nation-state threat actors use are included in the 2014 CrowdStrike Global Threat Intel report <http://www.crowdstrike.com/2014-global-threat-report/> that was released this week. Among its findings: The PlugX Remote Access Tool (RAT) is the most observed malware variant used in such attacks.
“PlugX is pretty easy to use,”Dmitri Alperovitch, co-founder and CTO of CrowdStrike, told eSecurityPlanet. ” It was initially used by Chinese threat adversaries that led the development of the tool.”