Tag

Apt41

All articles tagged with #apt41

technology23 days ago•6 min saved

China-linked Amaranth-Dragon Uses WinRAR Flaw for Southeast Asia Espionage

Chinese-linked Amaranth-Dragon has run tightly targeted cyber-espionage campaigns against Southeast Asian government and law-enforcement agencies in 2025, exploiting the WinRAR CVE-2025-8088 flaw via spear-phishing archives hosted on cloud platforms to deploy Amaranth Loader and the Havoc C2 framework; the activity shows APT41 ties, with country-specific infrastructure and anti-analysis techniques, and is complemented by a separate Mustang Panda PlugX Diplomacy operation using LOLBins and staged with diplomatic/election-themed lures.

via The Hacker News|

#amaranth-dragon #apt41 #dll-side-loading

cybersecurity9 months ago•22 min saved

APT41 Exploits Google Calendar for Cyberattacks and Data Theft

The article provides a comprehensive weekly cybersecurity recap highlighting sophisticated threats like APT41's use of Google Calendar for command-and-control, recent law enforcement takedowns of cybercriminal infrastructure, new malware and vulnerabilities, and the importance of AI in security. It emphasizes the evolving tactics of threat actors, the significance of timely patching, and proactive security measures to defend against advanced cyber threats.

via The Hacker News|

#apt41 #cyberattack #cybersecurity

cybersecurity9 months ago•3 min saved

Chinese APT41 Uses Google Calendar for Stealthy Malware C2 Operations

Chinese state-sponsored group APT41 exploited Google Calendar for malware C2 operations, using a sophisticated multi-stage malware to target government entities and organizations worldwide, with Google taking measures to neutralize the campaign.

via The Hacker News|

#apt41 #command-and-control #cyber-espionage

cybersecurity9 months ago•2 min saved

APT41 Uses Google Calendar for Stealthy C2 Communication

Chinese hacking group APT41 uses malware 'ToughProgress' to exploit Google Calendar for stealthy command-and-control operations, with Google actively dismantling the infrastructure and alerting affected users to prevent further abuse.

via BleepingComputer|

#apt41 #c2-communication #cybersecurity

cybersecurity1 year ago•2 min saved

"UNAPIMON: China-Linked Hackers' Latest Stealthy Malware Deployment"

China-linked cyber espionage group APT41, also known as Earth Freybug, has been observed using a new malware called UNAPIMON to target organizations across different countries. The malware, designed to evade detection, is deployed through a series of steps involving legitimate executables and DLL injection, ultimately turning infected systems into backdoors for espionage and financially motivated activities. The group's use of evolving techniques highlights the effectiveness of even simple methods when applied correctly, posing challenges for detection and defense.

via The Hacker News|

#apt41 #china-linked-hackers #cyber-espionage