Since 2022, the BerBeroka group has been mentioned in every annual report released by the QiAnXin Threat Intelligence Center. The group was disclosed by Trend Micro, a company friendly to QiAnXin. QiAnXin researchers have continued to track it under this name after merging internal groups. In fact, BerBeroka is the same as groups such as DRBControl and TAG33. It has intruded into China's financial, hospital and medical, and gaming industries, with the scale of victims far exceeding that of APT-Q-29 and BlackTech, which QiAnXin disclosed previously. This type of attack differs from black-industry operations that deliver XXX.exe to WeChat groups. The outsourced attackers themselves have extensive experience in infiltration at home and abroad.
Source: QiAnXin Threat Intelligence Center
