#CeranaKeeper

China-Backed APT Group Culling Thai Government Data

October 2, 2024 by Xynik

October 2, 2024 at 09:08PM CeranaKeeper, a China-aligned threat actor, has conducted large-scale data exfiltration in Southeast Asia. ESET researchers found that the group has been active since early 2022, using tools associated with Mustang Panda and exploiting file-sharing services. They breached Thai government systems and conducted extensive data harvesting, demonstrating rapid evolution and persistence. … Read more

China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration

October 2, 2024 by Xynik

October 2, 2024 at 12:15PM CeranaKeeper, a new threat actor, has been conducting data exfiltration attacks in Southeast Asia, targeting countries like Thailand, Myanmar, the Philippines, Japan, and Taiwan. Utilizing backdoors through legitimate cloud and file-sharing services, the group demonstrates a relentless and creative approach, with an extensive custom toolset for massive data siphoning. ESET … Read more