RedDelta, an active state-sponsored threat actor from China, has targeted nations like Mongolia and Taiwan with custom PlugX backdoor variants using spear-phishing tactics.
The intrusion set utilized various Windows file types to initiate infections, reflecting RedDelta’s ongoing refinement of infection strategies and toolsets in espionage operations.
Recent intelligence suggests RedDelta has compromised significant entities in countries including Vietnam and Mongolia, further highlighting its expansive targeting strategy across Southeast Asia.
The group’s recent operations have demonstrated a shift to weaponizing Visual Studio Code tunnels, indicating a worrying trend among China-linked espionage actors.