The Chinese-speaking advanced persistent threat (APT) actor known as APT41 (also tracked as Barium, Bronze Atlas, Double Dragon and Wicked Panda) has targeted at least 13 organizations across the US, Taiwan, India, Vietnam and China as part of four different campaigns in 2021.
The news comes from Group-IB security researchers, who published an advisory detailing APT41 activity from the beginning of 2021 to the present day.
“For the first time, we were able to identify the group’s working hours in 2021, which are similar to regular office business hours,” Group-IB wrote.
According to the security experts, the majority of the attacks observed as part of these campaigns relied on SQL injection against targeted domains as the initial access vector used to infiltrate victim networks. APT41 would then deliver a custom Cobalt Strike beacon to the endpoints.
The main difference from conventional Cobalt Strike attacks, however, is that in these campaigns the Cobalt Strike beacon was split and delivered in smaller chunks of code as an obfuscation tactic to fly under the radar. Only once all the chunks had arrived would the loader write the entire payload out to a file on the infected host.
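Why chunked delivery defeats a scanner that inspects each transfer in isolation, and what a defender can do about it, is easier to see with bytes in hand. The following is an added example and is not from the Group-IB advisory: the "beacon" is a constructed byte string and `SIGNATURE` is a made-up marker, not a real Cobalt Strike signature. `naive_scan` checks each chunk on its own, the way a per-request inspector would; `stream_scan` carries the last `len(signature) - 1` bytes across chunk boundaries so a match that straddles two chunks is still found; and `reassemble` models the final write to disk, where a file-level scan sees the whole payload again.

```python
# Constructed stand-ins for the example; neither is a real Cobalt Strike artefact.
SIGNATURE = b"BEACON-CONFIG-MARKER"
PAYLOAD = b"MZ" + b"\x90" * 40 + SIGNATURE + b"\xcc" * 40


def split_payload(blob: bytes, chunk_size: int) -> list[bytes]:
    """Split the payload into fixed-size chunks, as a staged delivery would."""
    return [blob[i:i + chunk_size] for i in range(0, len(blob), chunk_size)]


def naive_scan(chunks: list[bytes], signature: bytes) -> bool:
    """Inspect every chunk independently. Misses any match that spans chunks."""
    return any(signature in chunk for chunk in chunks)


def stream_scan(chunks: list[bytes], signature: bytes) -> bool:
    """Inspect chunks in order, keeping a carry-over of len(signature) - 1 bytes.

    Any occurrence of the signature ends inside some chunk and begins at most
    len(signature) - 1 bytes before that chunk, so prepending that many bytes
    from the previous window guarantees the occurrence is seen whole.
    """
    keep = max(len(signature) - 1, 0)
    carry = b""
    for chunk in chunks:
        window = carry + chunk
        if signature in window:
            return True
        carry = window[-keep:] if keep else b""
    return False


def reassemble(chunks: list[bytes]) -> bytes:
    """Model the loader writing the full payload to disk once all chunks arrive."""
    return b"".join(chunks)


if __name__ == "__main__":
    small = split_payload(PAYLOAD, 16)   # every chunk shorter than the signature
    print("per-chunk scan:", naive_scan(small, SIGNATURE))      # False
    print("stream scan:   ", stream_scan(small, SIGNATURE))     # True
    print("on-disk scan:  ", SIGNATURE in reassemble(small))    # True
```

The practical takeaways are the two places a detection still works: inspect the stream with boundary carry-over rather than each request on its own, and scan on file close or before execution, since the text notes that the complete payload is written out to disk before it runs.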
“Our efforts have resulted in about 80 proactive notifications to private and government organizations worldwide regarding APT41 attacks (both in progress and completed) against their infrastructures, so that the organizations could take the necessary steps to protect themselves or search for traces of compromise in their networks,” read the advisory.
In terms of the industries targeted by the attacks, Group-IB mentioned the public sector, manufacturing, healthcare, logistics, hospitality and education, as well as media and aviation.
“We will continue to explore the techniques, tools and tactics used by one of the oldest and still dangerous groups, APT41,” Group-IB said.
The advisory comes months after security researchers revealed that APT41 had compromised at least six US state government networks between May 2021 and February 2022.