FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services
Briefly

Recent reports indicate a surge in phishing attacks throughout the Asia-Pacific region, targeting industrial sectors including healthcare, telecommunications, and manufacturing. These sophisticated campaigns use legitimate cloud services to deliver FatalRAT malware via email and are specifically designed to deceive Chinese-speaking individuals. Attackers employed a multi-stage framework to bypass detection, with an initial phishing email containing a ZIP archive that launches the malware. Notably, previous FatalRAT campaigns also leveraged Google Ads for distribution. The targeted attacks, attributed to the threat actor Silver Fox APT, emphasize the vulnerabilities of organizations within China and neighboring nations.
Various industrial organizations in the Asia-Pacific (APAC) region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT.
The attackers employed a sophisticated multi-stage payload delivery framework to ensure evasion of detection.
The lure attachments used in the email messages suggest that the phishing campaign is designed to go after Chinese-speaking individuals.
An interesting aspect of both intrusion sets is that they have primarily targeted Chinese-language speakers and Japanese organizations.
Read at The Hacker News