Chinese advanced persistent threat group Earth Aughisky, also known as Taidoor, has continuously updated its malware toolset in attacks targeted at Taiwan and Japan during the past 10 years, The Hacker News reports.
Spear-phishing has been Earth Aughisky's most-used entry method, facilitating next-stage backdoor deployment led by the remote access trojan Taidoor, also known as Roudan, according to a Trend Micro report. Earth Aughisky has also been associated with the GrubbyRAT, LuckDLL, K4RAT, Taleret, Serkdes, and Taikite malware families. The APT group has also used the SiyBot, DropNetClient, and TWTRAT backdoors, according to researchers.

"Groups like Earth Aughisky have sufficient resources at their disposal that allow them the flexibility to match their arsenal for long-term implementations of cyber espionage. Organizations should consider this observed downtime from this group's attacks as a period for preparation and vigilance for when it becomes active again," said Trend Micro researcher CH Lei.
This week, Dr. Doug raves about: 'The Orgy of the Walking Dead' or Elon is controlling my brain, Schoolyard Bully, Redigo, DuckLogs, Dod Alphabet soup, Sirius XM, Pixel Tracking, TSA, Single Sign-on rants, and more on the Security Weekly News!
Several adware, malware, and phishing apps masquerading as system optimizers and utilities have been downloaded more than two million times cumulatively from the Google Play Store, reports BleepingComputer.