Chinese advanced persistent threat group Earth Aughisky, also known as Taidoor, has continuously updated its malware toolset in attacks targeted at Taiwan and Japan during the past 10 years, The Hacker News reports.
Spear-phishing has been Earth Aughisky's most-used entry method to facilitate next-stage backdoor deployment led by the remote access trojan Taidoor, also known as Roudan, a Trend Micro report found. Earth Aughisky has also been associated with the GrubbyRAT, LuckDLL, K4RAT, Taleret, Serkdes, and Taikite malware families. Backdoors SiyBot, DropNetClient, and TWTRAT have also been used by the APT group, according to researchers.
"Groups like Earth Aughisky have sufficient resources at their disposal that allow them the flexibility to match their arsenal for long-term implementations of cyber espionage. Organizations should consider this observed downtime from this group's attacks as a period for preparation and vigilance for when it becomes active again," said Trend Micro researcher CH Lei.
Fifty percent more distributed denial-of-service attacks have been launched by threat actors during the first quarter of 2024 than in the same period last year, with thwarted DDoS attacks increasing by 93% year-over-year, SiliconAngle reports.
Security Affairs reports that attacks with an updated iteration of the LightSpy iOS spyware using the "F_Warehouse" framework have been deployed against Southern Asian targets as part of a new cyberespionage campaign.
Operations of Russia's industrial sensor and monitoring infrastructure were claimed to have been disrupted by Ukrainian hacking operation Blackjack following a Fuxnet malware attack against Moscow-based underground infrastructure firm Moscollector, reports SecurityWeek.