News New Chinese Cyber Group Discovered: - Printable Version +- Red Security (https://redsecurity.info/cc) +-- Forum: General (https://redsecurity.info/cc/forumdisplay.php?fid=1) +--- Forum: News (https://redsecurity.info/cc/forumdisplay.php?fid=4) +--- Thread: News New Chinese Cyber Group Discovered: (/showthread.php?tid=1284)

New Chinese Cyber Group Discovered: - Mad-Architect - 10-03-2019                   A new group possibly based in China, as part of the Chinese cyber army, has been discovered by Palo Alto's Unit 42. Named PKPLUG, for seemingly utilizing PlugX malware hidden inside archive ZIP files, with the file format containing PK in its header.          There were also custom malware found to be utilized, HenBox, an Android app, and a Window's backdoor called Farseer. There have been  instances of these types of malware going back six years, which could mean they've been operating for a while, or have been using malware and tactics used by other groups.         The group appears to be targeting countries in Southeast Asia, mostly Myanmmar, Vietnam, Taiwan, and Indonesia. There is little go on beyond the trojan that has ended up singling them out; a particular trojan that is apparently being utilized to track individuals and garner information.         Despite the gaps in information on them, Unit 42 is confident that the group is acting along with the CCP's [Chinese Communist Part] Cyber Army.         Original article can be found here.                 That was the news folks, have a good day, and stay safe out there.         ---Mad-Architect