September 10, 2024 at 06:03AM Trend Micro has identified Mustang Panda’s advanced malware tactics, including the propagation of PUBLOAD via HIUPAN, targeting government entities in the APAC region. The cybersecurity firm uncovered the group’s use of multi-stage downloaders and exploitation of Microsoft’s cloud services for data exfiltration. The threat actor’s evolving strategies are concerning for … Read more
September 9, 2024 at 03:44AM Earth Preta has enhanced its attacks by incorporating new malware and strategies, such as the propagation of PUBLOAD via a variant of the worm HIUPAN. Additional tools like FDMTP and PTSOCKET are utilized to extend control and data exfiltration capabilities. These attacks are highly targeted and time-sensitive, focusing on specific … Read more
February 20, 2024 at 04:37AM Summary: Earth Preta’s APT campaign, employing a customized PlugX malware named DOPLUGS, targeted Asian countries, including Taiwan and Vietnam. Phishing emails embedded with Google Drive links were used as initial access, executing DOPLUGS malware. The DOPLUGS variant was found to integrate the KillSomeOne module for malware distribution and USB infection. … Read more