A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023.
The attacks, which leveraged tools previously identified as linked to China-based advanced persistent threat (APT) groups, are characterized by the use of both open-source and living-off-the-land (LotL) techniques.
This extended dwell time and calculated approach underscore the sophistication and persistence of the threat actors.
Symantec noted that the attackers managed to retain covert access to compromised networks for extended periods of time, allowing them to harvest passwords and map networks of interest.
Collection
[
|
...
]