ESET cybersecurity experts: It’s a banking trojan that has already targeted users from Poland, impersonating Bolt Food. Goal: to steal banking-cryptocurrency credentials.
FireEye: Chinese APTs use new malware to hit targets in US and Europe. The threat actors are still compromising Pulse Secure VPN devices to infiltrate organizations.
Chinese APT actors are still compromising Pulse Secure VPN devices worldwide, according to FireEye cybersecurity experts. The targets continue to be organizations across the defense, government, high tech, transportation, and financial sectors in the U.S. and Europe. Furthermore, the malicious hackers, identified mostly as UNC2630 and UNC2717, use new, specifically designed malware families for cyber espionage purposes. Moreover, many compromised organizations operate in verticals and industries aligned with Beijing’s strategic objectives outlined in China’s recent 14th Five Year Plan. Mandiant is tracking 16 malware families exclusively designed to infect Pulse Secure VPN appliances and used by several cyber espionage groups, which researchers believe are affiliated with the Chinese government.