Budworm Hackers Resurface with New Espionage Assaults Geared toward U.S. Group

by crpt os


An advanced persistent threat (APT) actor known as Budworm targeted a U.S.-based entity for the first time in more than six years, according to the latest research.

The attack was aimed at an unnamed U.S. state legislature, the Symantec Threat Hunter team, part of Broadcom Software, said in a report shared with The Hacker News.

Other intrusions mounted over the past six months were directed against a government of a Middle Eastern country, a multinational electronics manufacturer, and a hospital in South East Asia.

Budworm, also called APT27, Bronze Union, Emissary Panda, Lucky Mouse, and Red Phoenix, is a threat actor that’s believed to operate on behalf of China through attacks that leverage a mix of custom and openly available tools to exfiltrate information of interest.

“Bronze Union maintains a high degree of operational flexibility in order to adapt to the environments it operates in,” Secureworks notes in a profile of the nation-state group, pointing out its ability to “maintain access to sensitive systems over a long period of time.”

A prominent backdoor attributed to the adversarial collective is HyperBro, which has been put to use since at least 2013 and is in continuous development. Its other tools include PlugX, SysUpdate, and the China Chopper web shell.

The latest set of attacks is no different, with the threat actor leveraging Log4Shell flaws to compromise servers and install web shells, ultimately paving the way for the deployment of HyperBro, PlugX, Cobalt Strike, and credential dumping software.

The development marks the second time Budworm has been linked to an attack on a U.S. entity. Earlier this month, the U.S. government revealed that multiple nation-state hacking groups breached a defense sector organization using ProxyLogon flaws in Microsoft Exchange Server to drop China Chopper and HyperBro.

“In more recent years, the group’s activity appears to have been largely focused on Asia, the Middle East, and Europe,” the researchers said. “A resumption of attacks against U.S.-based targets could signal a change in focus for the group.”




