ESET cybersecurity experts: It’s a banking trojan that has already targeted users from Poland, impersonating Bolt Food. Goal: to steal banking-cryptocurrency credentials.
MyCERT cyber security experts: Malaysia has been targeted by a cyber espionage China-linked APT40 campaign. The aim: sensitive data theft and exfiltration
Malaysia government officials have been targeted by China-linked APT40 with a cyber espionage campaign. It has been discovered by the Asian country cyber security experts (MyCERT). The group has leveraged previously compromised email addresses or impersonation of emails to send spear-phishing emails. These include malicious attachments (Microsoft document with enable macro, that extract malware) and the sender pretend to be a journalist, an individual from a trade publication, or someone from a relevant military organization or non-governmental organization (NGO). The objective is data theft and exfiltration. The APT’s operations tend to target government-sponsored projects and take large amounts of information specific to such projects, including proposals, meetings, financial data, shipping information, plans and drawings, and raw data.