China APT group using Russia invasion, COVID-19 in phishing attacks

A China-based threat group is likely running a month-long campaign using a variant of the Korplug malware and targeting European diplomats, internet service providers (ISPs) and research institutions via phishing lures that refer to Russia’s invasion of Ukraine and COVID-19 Read More …

OceanLotus APT campaign debuts new backdoor that resembles old Korplug RAT

The suspected Vietnamese APT group OceanLotus has added a new backdoor to its repertoire of malicious tools – one that includes capabilities for enabling file, registry and process manipulation, and also downloading more malicious files. According a Mar. 13 blog post by ESET researcher Read More …