Backdoors in recent espionage attempts link to Microcin malware
Antivirus engines foiled an advanced attacker’s attempts to infiltrate a governmental institution and the corporate networks of two companies in the telecommunications and gas sectors.
Based on the set of tools discovered, the attacks are the work of a professional threat actor believed to be from China, with a mission to spy on targets in Central Asia.
Links to known malware
The attacks occurred last fall and were stopped automatically by Avast and ESET antivirus engines. A host of backdoors and tools for lateral movement were later analyzed by malware researchers, who found code similarities with past malware and campaigns attributed to...