19 APT Hackers Target Asia-based Company Servers Using Exploited Vulnerabilities and Spear Phishing Email

The NSFOCUS Fuying Laboratory’s global threat hunting system identified 19 sophisticated Advanced Persistent Threat (APT) attack campaigns, predominantly targeting regions across South Asia, East Asia, Eastern Europe, and South America.

These incursions highlighted a continuation of targeted cyber espionage and sabotage activities, primarily focusing on government agencies, critical infrastructure, and prominent industry sectors through a combination of spear phishing emails, vulnerability exploitation, and watering hole attacks.

The South Asian region experienced heightened APT activity, spearheaded by notorious groups such as Bitter, Patchwork, and Sidewinder.

Their campaigns largely focused on government entities and defense sectors in countries like India, Sri Lanka, and Pakistan.

A hallmark of these attacks was the extensive use of spear phishing emails, comprising approximately 79% of total observed incidents globally.

One notable example involved the Bitter group’s sophisticated spear phishing document tailored to Pakistan’s Ministry of Defense.

This document masqueraded as an official invitation ...