Lotus Panda Hacks SE Asian Governments with Browser Stealers and Sideloaded Malware

By Admin, April 22, 2025 (3 min read)
Browser Stealers and Sideloaded Malware
April 22, 2025Red LakshmananCyber ​​-Spying / Intelligence threats


The Chinese cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025.

“Targets included a government ministry, an air traffic control organization, a telecoms operator, and a construction company,” the Symantec Threat Hunter Team said in a new report shared with The Hacker News. “The attacks involved the use of multiple new custom tools, including loaders, credential stealers, and a reverse SSH tool.”

The intrusion set is also said to have targeted a news agency located in another Southeast Asian country, and a freight organization located in another neighboring country.


The threat cluster, according to Broadcom's cybersecurity division, is assessed to be a continuation of a campaign that the company disclosed in December 2024 as targeting high-profile organizations in Southeast Asia since October 2023.

Then last month, Cisco Talos linked the Lotus Panda actor to intrusions aimed at the government, manufacturing, telecommunications, and media sectors in the Philippines, Vietnam, Hong Kong, and Taiwan, using a backdoor known as Sagerunex.

Lotus Panda (aka Billbug, Bronze Elgin, Lotus Blossom, SP.

It is believed to have been active since at least 2009. The threat actor has been attributed to a persistent spear-phishing campaign that exploited a Microsoft Office flaw (CVE-2012-0158) to distribute a backdoor named Elise (aka Trensil), designed to execute commands and read/write files.

Subsequent attacks mounted by the group weaponized a Microsoft Windows OLE flaw (CVE-2014-6332) using a booby-trapped attachment sent in a spear-phishing email to an individual working at the French Foreign Ministry in Taiwan, in order to deploy another trojan related to Elise.

In the latest wave of attacks observed by Symantec, the attackers used legitimate executables from Trend Micro (“tmdbglog.exe”) and Bitdefender (“BDS.exe”) to sideload malicious DLL files, which act as loaders to decrypt and run a next-stage payload.


The Bitdefender binary was also used to sideload another DLL, although the exact nature of that file is unclear. Another unknown aspect of the campaign is the initial access vector used to gain a foothold in the targeted entities.
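As an added defender's-eye illustration (not code from the article or from Symantec), the following Python sketch shows one way the sideloading pattern described above can be surfaced in image-load telemetry: a known vendor executable running from a non-standard directory, or loading a DLL that is unsigned or signed by someone other than the vendor. The two executable names come from the article; the log format, directories, DLL names, signer strings and the vendor-to-signer mapping are constructed assumptions, since real Sysmon Event ID 7 records and real signature strings vary by product and version.

```python
"""Flag image loads that match the DLL-sideloading pattern described above.

Added example (not code from the article or from Symantec). Each record
mirrors the fields of a Sysmon Event ID 7 (Image loaded) event, written
here as one 'key=value|key=value' line. Everything except the two vendor
executable names is constructed sample data.
"""
from __future__ import annotations

import ntpath
from dataclasses import dataclass

# Vendor executables the article says were abused for sideloading, mapped to a
# keyword expected in the signer of DLLs they legitimately load (assumption:
# real signer strings vary by product and version).
EXPECTED_VENDOR = {"tmdbglog.exe": "trend micro", "bds.exe": "bitdefender"}

# Locations from which the vendor executables would normally run, and the OS
# directory whose DLLs any process is expected to load.
TRUSTED_DIRS = ("c:\\program files\\", "c:\\program files (x86)\\")
SYSTEM_DIR = "c:\\windows\\"

# Constructed sample telemetry: one benign load per vendor, two sideloads from
# user-writable directories, and an unrelated process that must be ignored.
SAMPLE_LOG = r"""
Image=C:\Program Files\Trend Micro\tmdbglog.exe|ImageLoaded=C:\Program Files\Trend Micro\tmdbglog.dll|Signed=true|Signer=Trend Micro, Inc.
Image=C:\Users\Public\tmdbglog.exe|ImageLoaded=C:\Users\Public\tmdbglog.dll|Signed=false|Signer=
Image=C:\ProgramData\BDS.exe|ImageLoaded=C:\ProgramData\log.dll|Signed=false|Signer=
Image=C:\Program Files\Bitdefender\BDS.exe|ImageLoaded=C:\Windows\System32\kernel32.dll|Signed=true|Signer=Microsoft Windows
Image=C:\Windows\explorer.exe|ImageLoaded=C:\Users\Public\x.dll|Signed=false|Signer=
"""


@dataclass
class ImageLoad:
    process_image: str  # full path of the process that loaded the DLL
    loaded_image: str   # full path of the DLL that was loaded
    signed: bool        # whether the DLL carried a valid signature
    signer: str         # signer name, empty if unsigned


def parse_line(line: str) -> ImageLoad:
    """Parse one 'key=value|...' record into an ImageLoad."""
    fields = dict(part.split("=", 1) for part in line.strip().split("|"))
    return ImageLoad(
        process_image=fields["Image"],
        loaded_image=fields["ImageLoaded"],
        signed=fields["Signed"].lower() == "true",
        signer=fields.get("Signer", ""),
    )


def sideload_reasons(ev: ImageLoad) -> list[str]:
    """Return why a record looks like sideloading; an empty list means benign."""
    proc_name = ntpath.basename(ev.process_image).lower()
    vendor = EXPECTED_VENDOR.get(proc_name)
    if vendor is None:
        return []  # not one of the abused vendor binaries
    if ev.loaded_image.lower().startswith(SYSTEM_DIR):
        return []  # OS DLLs from the Windows directory are expected loads
    reasons = []
    proc_dir = ntpath.dirname(ev.process_image)
    if not (proc_dir.lower() + "\\").startswith(TRUSTED_DIRS):
        reasons.append(f"{proc_name} running from non-standard directory {proc_dir}")
    dll_name = ntpath.basename(ev.loaded_image)
    if not ev.signed:
        reasons.append(f"{proc_name} loaded unsigned DLL {dll_name}")
    elif vendor not in ev.signer.lower():
        reasons.append(f"{proc_name} loaded {dll_name} signed by '{ev.signer}', not by {vendor}")
    return reasons


def scan(log_text: str) -> dict[str, list[str]]:
    """Map each suspicious process image path to its list of reasons."""
    hits: dict[str, list[str]] = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        reasons = sideload_reasons(ev)
        if reasons:
            hits.setdefault(ev.process_image, []).extend(reasons)
    return hits


if __name__ == "__main__":
    for image, reasons in scan(SAMPLE_LOG).items():
        print(image)
        for reason in reasons:
            print("  -", reason)
```

Run against the constructed sample, the two copies of the vendor binaries staged in user-writable directories are flagged twice each (odd location plus an unsigned DLL), while the genuine installs and the unrelated process produce nothing. The same two checks map directly onto a SIEM rule over real image-load events; the directory allow-list and signer keywords are the parts to tune per environment.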

The attacks paved the way for an updated version of Sagerunex, a backdoor used exclusively by Lotus Panda. It comes with capabilities to collect information about the target host, encrypt it, and exfiltrate the details to an external server controlled by the attacker.

Also deployed in the attacks are a reverse SSH tool and two stealers, ChromeKatz and CredentialKatz, which are equipped to siphon passwords and cookies stored in the Google Chrome web browser.

“The attackers deployed a publicly available Zrok peer-to-peer tool, using the sharing function of the tool to provide remote access to services that were exposed internally,” Symantec said. “Another legitimate tool used was named ‘Datecger.exe’. It is capable of changing timestamps for files, presumably to muddy the waters for incident analysts.”
