Chinese Espionage-based APT Earth Preta, aka Mustang Panda, Evolves its Attacks with New Malware and Strategies

tardigrada@beehaw.org to Technology@beehaw.org – 2 points – Earth Preta Evolves its Attacks with New Malware and Strategies
trendmicro.com

Archived version

  • Earth Preta has upgraded its attacks, which now include the propagation of PUBLOAD via a variant of the worm HIUPAN
  • Additional tools, such as FDMTP and PTSOCKET, were used to extend Earth Preta’s control and data exfiltration capabilities
  • Another campaign involved spear-phishing emails with multi-stage downloaders like DOWNBAIT and PULLBAIT, leading to further malware deployments
  • Earth Preta’s attacks are highly targeted and time-sensitive, often involving rapid deployment and data exfiltration, with a focus on specific countries and sectors within the APAC region

Earth Preta has been known to launch campaigns against valued targets in the Asia-Pacific (APAC). Recent observations on their attacks against various government entities in the region show that the threat group has updated their malware and strategies.

0

No comments yet. You could be first!