Sandman Cyberespionage Group Linked to China

December 12, 2023 at 08:48AM

Sandman, a recently identified APT actor, is linked to China, according to a report by SentinelOne, Microsoft, and PwC. Their sophisticated modular backdoor, LuaDream, was highlighted in attacks on telecom providers in the Middle East, Europe, and South Asia. The report links Sandman to China-based threat actor STORM-0866/Red Dev 40 …

Researchers Unmask Sandman APT’s Hidden Link to China-Based KEYPLUG Backdoor

December 11, 2023 at 09:12AM

The enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster are found to share tactical and targeting overlaps, utilizing a backdoor known as KEYPLUG. The assessment from SentinelOne, PwC, and Microsoft reveals shared infrastructure control, management practices, and design, suggesting joint functionalities. Alongside, the use of Lua-based …