#plugx

[ follow ]
#rainyday #turian #telecommunications-targeting #unc6384 #adversary-in-the-middle #mustang-panda
Information security
fromThe Hacker News
6 days ago

China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks

A new PlugX malware variant targets Central and South Asian telecommunications and manufacturing, combining RainyDay and Turian features and indicating shared tools or actor overlap.
Information security
fromThe Hacker News
1 month ago

UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats

UNC6384 uses captive-portal AitM redirects and a digitally signed STATICPLUGIN downloader to deploy a PlugX (SOGU.SEC) backdoor against diplomats and other targets.
[ Load more ]