Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast Asia

September 10, 2024 at 08:39AM A renewed state-sponsored operation codenamed Crimson Palace, linked to China, has expanded its espionage efforts by compromising more government organizations in Southeast Asia. Cybersecurity firm Sophos identified three intrusion sets using compromised networks to deliver malware. The clusters employ various techniques, including C2 frameworks and open-source programs, to infiltrate, establish …

Chinese hacking groups team up in cyber espionage campaign

June 5, 2024 at 04:14PM Since at least March 2023, Chinese state-sponsored actors have launched the Crimson Palace cyberespionage campaign against a Southeast Asian government agency. The campaign involved new malware variants and three coordinated activity clusters. These clusters, operating during Chinese work hours, engaged in reconnaissance, lateral movement, and persistent access management. Sophos researchers …

Chinese State-Backed Cyber Espionage Targets Southeast Asian Government

June 5, 2024 at 07:54AM A high-profile government organization in Southeast Asia became the target of a lengthy Chinese state-sponsored cyber espionage campaign named Crimson Palace. The operation aimed to maintain network access for espionage, focusing on accessing critical systems, gathering sensitive information, and deploying various malware. The attackers utilized an array of tools and …