The attackers consistently used other compromised organizational and public service networks in that region to deliver malware and tools under the guise of a trusted access point.
A noteworthy aspect of the attacks is that it entails the use of an unnamed organization's systems as a command-and-control (C2) relay point and a staging ground for tools.
A set of new attacks orchestrated by Cluster Charlie, a cluster that's referred to as Earth Longzhi, has also been identified between September 2023 and June 2024.
Crimson Palace was first documented by the cybersecurity company in early June 2024, with the attacks taking place between March 2023 and April 2024.
Collection
[
|
...
]