China’s APT41 crew adds a stealthy malware loader and fresh backdoor to its toolbox

July 11, 2024 at 09:38PM APT41, a Chinese government-backed cyber espionage group, has added the DodgeBox loader and the MoonWalk backdoor to its malware toolbox. Zscaler’s ThreatLabz team attributes these new tools to APT41, indicating financially motivated crimes. DodgeBox exhibits advanced capabilities and evasive techniques, while MoonWalk uses Google Drive for command-and-control communication. More details on MoonWalk …

Chinese APT41 Upgrades Malware Arsenal with DodgeBox and MoonWalk

July 11, 2024 at 08:40AM APT41, a China-linked APT group, is suspected of using an advanced version of StealthVector to deliver a new backdoor named MoonWalk, which uses Google Drive for C2 communication. This threat actor has been active since 2007 and has been linked to various cyber intrusions and attacks targeting U.S. and Taiwanese entities. …