Cyberespionage operations have been conducted by a pair of Chinese advanced persistent threat groups against organizations in countries part of the Association of Southeast Asian Nations since January, The Hacker News reports.
Organizations in Singapore, Myanmar, Japan, and the Philippines have been subjected to phishing attacks by Chinese state-backed APT Mustang Panda, also known as Earth Preta, Stately Taurus, and Camaro Dragon, coinciding with the ASEAN-Australia Special Summit earlier this month, according to a report from Palo Alto Networks Unit 42.
Such attacks involved the distribution of two malware packages, the first of which was a ZIP file with an executable that eventually launched the PUBLOAD downloader malware while the other was a screensaver executable that fetched next-stage malicious code.
Another Chinese APT group linked to attacks against Cambodia was also observed by researchers.
The report follows a Trend Micro study detailing the widespread cyberespionage operation by fellow Chinese Earth Krahang that commenced in 2022.
