vimarsana.com


Chinese APT Group Reportedly Develops Custom Backdoor
(@prajeetspeaks) • June 9, 2021
Full infection chain (Source: Check Point Research)
Check Point researchers have uncovered an ongoing campaign by a Chinese advanced persistent threat group that has spent the last three years testing and refining a custom backdoor in its arsenal to conduct espionage campaigns targeting governments in Southeast Asia.
The group, dubbed SharpPanda, uses spear-phishing attacks to gain initial access and leverages old Microsoft Office vulnerabilities together with a chain of in-memory loaders to attempt to install a previously unknown backdoor on victims’ machines.
Researchers note that the command-and-control servers for the first stage of the infection chain are hosted by two different cloud services located in Asia, in Hong Kong and Malaysia. The backdoor's command-and-control server is hosted on Zenlayer, a U.S.-based provider that is widely used by multiple threat actors for command-and-control purposes.


© 2025 Vimarsana