Chinese APT Group Reportedly Develops Custom Backdoor

(@prajeetspeaks) • June 9, 2021
Full infection chain (Source: Check Point Research)
Check Point researchers have uncovered an ongoing campaign by a Chinese advanced persistent threat group that has spent the last three years testing and refining a custom backdoor in its arsenal to conduct espionage campaigns targeting governments in Southeast Asia.
The group, dubbed SharpPanda, uses spear-phishing attacks to gain initial access and leverages old Microsoft Office vulnerabilities together with a chain of in-memory loaders to attempt to install a previously unknown backdoor on victims’ machines.
Researchers note that the command-and-control servers for the first stage of the infection chain are hosted by two different cloud services located in Asia, in Hong Kong and Malaysia. The backdoor's command-and-control server is hosted on Zenlayer, a U.S.-based provider that is widely used by multiple threat actors for command-and-control purposes.
