Researchers said the FoundCore malware represents a big step forward when it comes to evasion.
Researchers have discovered an advanced cyberespionage campaign targeting government and military entities in Vietnam that delivered a remote-access tool (RAT) for carrying out espionage operations.
Further analysis suggested that this campaign was conducted by a group related to a Chinese-speaking advanced persistent threat (APT) known as Cycldek (a.k.a. Goblin Panda, APT 27 and Conimes), according to Kaspersky researchers, who added that the group has been active since at least 2013.
The malware used in the campaign, dubbed FoundCore, allows attackers to conduct filesystem manipulation, process manipulation, screenshot captures and arbitrary command execution.