The PT Expert Security Center regularly spots emerging threats to information security, including both previously known and newly discovered malware. During such monitoring in May 2020, we detected several samples of new malware that at first glance would seem to belong to the Higaisa group. But detailed analysis pointed to the Winnti group (also known as APT41, per FireEye) of Chinese origin.

Subsequent monitoring led us to discover a number of new malware samples used by the group in recent attacks. These include various droppers, loaders, and injectors; Crosswalk, ShadowPad, and PlugX backdoors; and samples of a previously undescribed backdoor that we have dubbed FunnySwitch. We can confidently state that some of these attacks were directed at a number of organizations in Russia and Hong Kong.