Storm-2077, a group linked to the Chinese government, is actively targeting U.S. organizations, using tactics such as exploiting vulnerabilities and spear phishing.
Sherrod DeGrippo noted that Storm-2077 typically gains access through public-facing applications or spear phishing emails that deliver SparkRAT for remote access.
DeGrippo remarked, 'They’re a significant threat... they really do embody the activity of persistence,' emphasizing the ongoing danger of Storm-2077.
Five years ago, it was surprising to see nation-sponsored groups using off-the-shelf malware like SparkRAT, but today it’s a common tactic.