[HackerNews] Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers

A Chinese cyberespionage group known for targeting Southeast Asia leveraged flaws in Microsoft Exchange Server that came to light earlier this March to deploy a previously undocumented variant of a remote access trojan (RAT) on compromised systems.
Attributing the intrusions to a threat actor named PKPLUG (aka Mustang Panda and HoneyMyte), Palo Alto Networks’ Unit 42 threat intelligence team

Source: Read More (The Hacker News)
