The ShadowPad malware came into the spotlight in 2017 when it was used in two software supply-chain attacks by a suspected Chinese state-sponsored hacker group. Since then it has become the tool of choice for several cyberespionage groups that are believed to be associated with China’s Ministry of State Security (MSS) and the People’s Liberation Army (PLA).
“The malware was likely developed by threat actors affiliated with Bronze Atlas and then shared with MSS and PLA threat groups around 2019,” researchers from security firm Secureworks said in a new report. “Given the range of groups leveraging ShadowPad, all organizations that are likely targets for Chinese threat groups should monitor for TTPs associated with this malware.”
To read this article in full, please click here
More Stories
Smashing Security podcast #369: Keeping the lights on after a ransomware attack
Leicester City Council suffers a crippling ransomware attack, and a massive data breach, but is it out of the dark...
US Congress Passes Bill to Ban TikTok
The bill that could see TikTok banned in the US has been approved by the House of Representatives and the...
How to Tell If Your Text Message Is Real
According to reports from the Federal Trade Commission’s Consumer Sentinel database, text message scams swindled $372 million from Americans in...
US Sanctions Iranian “Fronts” for Cyber-Attacks on American Entities
The US Treasury announced sanctions on two companies and four individuals for cyber campaigns conducted on behalf of the Iranian...
Leeds Talent Pool Attracts BlueVoyant’s First UK Security Operations Center
The proximity of organizations’ headquarters, like Asda’s and NHS England’s, prompted BlueVoyant to choose Leeds as the location for its...
City street lights “misbehave” after ransomware attack
The UK's Leicester City Council was thrown into chaos last month when a crippling cyber attack forced it to shut...