APT trends report Q3 2024

In the second half of 2022, a wave of attacks from an unknown threat actor targeted victims with a new type of attack framework that we dubbed P8. The campaign targeted Vietnamese victims, mostly from the financial sector, with some Read More …

APT32 state hackers target human rights defenders with spyware

Vietnam-backed hacking group APT32 has coordinated several spyware attacks targeting Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. The state hackers also pointed their attacks at a nonprofit (NPO) human rights organization from Vietnam, as Amnesty International’s Read More …

Cyberespionage APT group hides behind cryptomining campaigns

An advanced threat group called Bismuth recently used cryptocurrency mining as a way to hide the purpose of their activity and to avoid triggering high-priority alerts. Coin mining is typically regarded as a non-critical security issue, so the method allowed Read More …

APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management

From at least January to April 2020, suspected Vietnamese actors APT32 carried out intrusion campaigns against Chinese targets that Mandiant Threat Intelligence believes was designed to collect intelligence on the COVID-19 crisis. Spear phishing messages were sent by the actor Read More …

OceanLotus adopts public exploit code to abuse Microsoft Office software

The OceanLotus hacking group is back with a new campaign in 2019 complete with new exploits, decoys, and self-extracting malicious archives. Also known as APT32, SeaLotus, APT-C-00, and Cobalt Kitty, OceanLotus is a hacking group which operates across Asia and Read More …

New MacOS Backdoor Linked to OceanLotus Found

We identified a MacOS backdoor (detected by Trend Micro as  OSX_OCEANLOTUS.D) that we believe is the latest version of a threat used by OceanLotus (a.k.a. APT 32, APT-C-00, SeaLotus, and Cobalt Kitty). OceanLotus was responsible for launching targeted attacks against human rights organizations, media Read More …