Threat hunters have uncovered a network of over 1,000 compromised small office and home office (SOHO) devices, named LapDogs, that facilitates a cyber espionage campaign linked to Chinese hacking groups. The network targets various sectors in the U.S. and Southeast Asia and includes infections in countries such as Japan and South Korea. At the core of LapDogs is a custom backdoor, ShortLeash, used to compromise vulnerable devices and enroll them into the network. The campaign has shown signs of activity since September 2023, with multiple intrusion sets identified.
The LapDogs network has a high concentration of victims across the United States and Southeast Asia, and is slowly but steadily growing in size.
ShortLeash is assessed to be delivered by means of a shell script to primarily penetrate Linux-based SOHO devices, although artifacts serving a Windows version of the backdoor have also been found.