Cybersecurity experts have raised alarms about a cyber espionage campaign known as 'LapDogs', which has affected various sectors including IT, networking, and media. Believed to be operated by a China-based group, the campaign has been stealthily infiltrating devices since September 2023, predominantly in the US, Japan, South Korea, Taiwan, and Hong Kong. It employs sophisticated techniques involving Operational Relay Boxes for stealthy, long-term intrusion, focusing on Internet of Things (IoT) devices and legacy routers. The customized backdoor, 'ShortLeash', facilitates persistent surveillance and control, emphasizing a concerning trend in threat actor methodologies.
This campaign shows a surging interest from China-Nexus threat actors in using ORB Networks to conduct covert intrusion campaigns both around the globe and tailored to specific victims of interest.
With an increasing interest in this approach, security teams should be on alert that China-Nexus threat actors are disrupting traditional playbooks for IOC tracking, response, and remediation.
Collection
[
|
...
]