The ShadowPad malware came into the spotlight in 2017 when it was used in two software supply-chain attacks by a suspected Chinese state-sponsored hacker group. Since then it has become the tool of choice for several cyberespionage groups that are believed to be associated with China’s Ministry of State Security (MSS) and the People’s Liberation Army (PLA).
“The malware was likely developed by threat actors affiliated with Bronze Atlas and then shared with MSS and PLA threat groups around 2019,” researchers from security firm Secureworks said in a new report. “Given the range of groups leveraging ShadowPad, all organizations that are likely targets for Chinese threat groups should monitor for TTPs associated with this malware.”
To read this article in full, please click here
More Stories
Former RAC Employees Get Suspended Sentence for Data Theft
Two former RAC employees have been handed suspended prison sentences for trading in personal data Read More
Over 240 Million US Breach Victims Recorded in Q3
Supply chain victim numbers surge as more than 240 million US residents are impacted by data breaches in Q3 2024...
Smashing Security podcast #388: Vacuum cleaner voyeur, and pepperoni pact blocks payout
Join us as we delve into the world of unexpected security breaches and legal loopholes, where your robot vacuum cleaner...
Lamborghini Carjackers Lured by $243M Cyberheist
The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August...
Apple’s iPhone Mirroring Flaw Exposes Employee Privacy Risks
The privacy flaw in Apple’s iPhone mirroring feature enables personal apps on an iPhone to be listed in a company’s...
New BeaverTail Malware Targets Job Seekers via Fake Recruiters
New BeaverTail malware targets tech job seekers via fake recruiters on LinkedIn and X Read More