A series of cybersecurity threats have been identified involving state-sponsored cyber groups from China and North Korea. These groups have been linked to ransomware attacks targeting global governments and critical infrastructure. Notably, the Chinese threat actor group ChamelGang, also known as CamoFei, has been implicated in ransomware attacks on the Indian healthcare institution AIIMS and the Presidency of Brazil in 2022. The group is believed to use ransomware as part of their espionage operations. Research from SentinelOne and Recorded Future highlights these activities. Additionally, new malware strains targeting banking users and WordPress sites have emerged, including the Medusa Android Trojan, a new credit card skimmer, and the Snowblind banking malware that exploits the Linux Kernel.
šØ šæ A disturbing ransomware trend that blurs the lines between cyberespionage and cybercrime, highlighted in a new @LabsSentinel report: Threat actors in the cyberespionage ecosystem are using ransomware as a final stage in their operations for the purposes of financial gain,ā¦ https://t.co/gJVY2sS6Qh
New research from Recorded Future and @SentinelOne on #ChamelGang, a suspected Chinese APT group that targeted Indian healthcare institution AIIMS and the Presidency of Brazil in 2022 using CatB ransomware. https://t.co/6XieGOn1G5
A new strain of banking malware, dubbed "Snowblind," that affects Android mobile devices alters apps so it can read phone screens, disable 2FA, and steal victims' funds. š: https://t.co/ERWSrd7D9Z https://t.co/3VA2L15aKe
In a collaboration between @SentinelOne and @RecordedFuture, @milenkowski and I published a report on suspected Chinese APT ChamelGang (also known as CamoFei) believed to use ransomware as part of espionage operations. https://t.co/FhuSnnA9Oa
Elite state-backed hackers are embracing the use of ransomware to obfuscate their operations. https://t.co/4gBCMknwYr https://t.co/F0ewXp0v4j
New 'Snowblind' Banking Malware Targets Android Users With Linux Kernel Exploit https://t.co/8D3DVjCRRu
Chinese hackers are increasingly deploying ransomware, researchers from @LabsSentinel and @RecordedFuture say. https://t.co/vJsyMctcWQ via @AJVicens
Chinese threat actor ChamelGang behind AIIMS ransomware attack, claims new report By @AihikS https://t.co/EWzVJtnBUH via @moneycontrolcom
Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware https://t.co/PJRkgfKXrh
Chinese and N. Korean Hackers Target Global Infrastructure with Ransomware: https://t.co/TduQI7MAbc by The Hacker News #infosec #cybersecurity #technology #news
š State-sponsored cyber groups from China and North Korea have been linked to #ransomware attacks on global governments and critical infrastructure. Learn more about the tactics used ā”ļø https://t.co/PZ8kLpEdlJ #malware #hacking #cybersecurity
'ChamelGang' APT Disguises Espionage Activities With Ransomware: https://t.co/1xExu07LC3 by darkreading #infosec #cybersecurity #technology #news
New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites: https://t.co/qL2ajDgAIS by The Hacker News #infosec #cybersecurity #technology #news
New Medusa Android Trojan Targets Banking Users Across 7 Countries: https://t.co/AZ218jVkeF by The Hacker News #infosec #cybersecurity #technology #news
New Attack Technique Exploits Microsoft Management Console Files: https://t.co/cHqDEfkhyT by The Hacker News #infosec #cybersecurity #technology #news
Cybersecurity in the SMB space ā a growing threat: https://t.co/CZdP3SI9ko by Securelist #infosec #cybersecurity #technology #news
Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts: https://t.co/ucXlBC1qeN by The Hacker News #infosec #cybersecurity #technology #news