CarderPlanet
Professional
- Messages
- 2,549
- Reaction score
- 730
- Points
- 113
Gathering intelligence in various areas is still a priority for hackers.
The Chinese threat, known under the pseudonym Budworm, recently launched a new series of cyberattacks on government and telecommunications agencies, using an updated set of malware tools.
According to Symantec researchers, incidents targeting an unnamed telecommunications organization in the Middle East, as well as the Asian government, occurred in August of this year. An improved version of the SysUpdate toolkit was used in the attacks.
The Budworm group has been active since at least 2013 and is known by various names such as APT27, Bronze Union, Emissary Panda, Iron Tiger, Lucky Mouse, and Red Phoenix. The group targets a wide range of industry verticals to achieve its intelligence gathering goals.
To exfiltrate valuable information and maintain long-term access to sensitive systems, the group uses vulnerable web services, as well as various hacking tools, including China Chopper, Gh0st RAT, HyperBro, PlugX, SysUpdate and ZXShell.
"SysUpdate has been used by Budworm since at least 2020, and attackers are constantly improving the tool to improve its capabilities and avoid detection," Symantec said in a report.
A 2017 SecureWorks report revealed the propensity of attackers to gather intelligence on defense, security, and policy issues for organizations around the world. Then experts described the group as a serious threat.
With the latest attack reviewed by Symantec, Budworm hackers are also now among the active threats targeting the Middle East telecommunications sector.
Cyberattacks by the Budworm group against government and telecommunications organizations demonstrate the need for continuous improvement of cybersecurity measures.
Private and government companies must regularly update their security systems to counter sophisticated hackers using advanced attack tools and techniques.
The Chinese threat, known under the pseudonym Budworm, recently launched a new series of cyberattacks on government and telecommunications agencies, using an updated set of malware tools.
According to Symantec researchers, incidents targeting an unnamed telecommunications organization in the Middle East, as well as the Asian government, occurred in August of this year. An improved version of the SysUpdate toolkit was used in the attacks.
The Budworm group has been active since at least 2013 and is known by various names such as APT27, Bronze Union, Emissary Panda, Iron Tiger, Lucky Mouse, and Red Phoenix. The group targets a wide range of industry verticals to achieve its intelligence gathering goals.
To exfiltrate valuable information and maintain long-term access to sensitive systems, the group uses vulnerable web services, as well as various hacking tools, including China Chopper, Gh0st RAT, HyperBro, PlugX, SysUpdate and ZXShell.
"SysUpdate has been used by Budworm since at least 2020, and attackers are constantly improving the tool to improve its capabilities and avoid detection," Symantec said in a report.
A 2017 SecureWorks report revealed the propensity of attackers to gather intelligence on defense, security, and policy issues for organizations around the world. Then experts described the group as a serious threat.
With the latest attack reviewed by Symantec, Budworm hackers are also now among the active threats targeting the Middle East telecommunications sector.
Cyberattacks by the Budworm group against government and telecommunications organizations demonstrate the need for continuous improvement of cybersecurity measures.
Private and government companies must regularly update their security systems to counter sophisticated hackers using advanced attack tools and techniques.
