According to a study from anti-malware vendor Kaspersky, the China-linked cyber-espionage group Cycldek is displaying growing sophistication in a series of recent attacks targeting government and military institutions in Vietnam.
Cycldek, also known as Goblin Panda and Conimes, has been active since at least 2013 and is known for targeting governments in Southeast Asia, with a preference for targets in Vietnam.
The group was discovered to have used a piece of custom malware to exfiltrate data from air-gapped networks in June of last year, a clear sign of evolution for a less sophisticated group. According to Kaspersky, the sophistication of its recent attacks has increased.
The campaign, which ran from June 2020 to January 2021, relied on a DLL side-loading infection chain to deliver malicious code that would eventually deploy a remote access Trojan (RAT) to give the attackers complete control over compromised machines.
A legitimate component from Microsoft Outlook ...
Copyright of this story solely belongs to cybersguards.com.