Chinese APT
Coverage of Chinese APT in the Nexus archive.
- Chinese APT deploys new malware to keep access to hacked networks
A Chinese espionage group named UNC5221 is using new malware, including Brickstorm, Plenet, and AgentPSD, to maintain access to hacked Microsoft 365 environments.
- Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia
A Chinese Advanced Persistent Threat (APT) group exploited multiple cloud-based communication and file-sharing tools, including Microsoft Outlook, Slack, Discord, and file.io, to conduct espionage against Mongolia. The threat actor leveraged these platforms for command and control operations to support its cyber-espionage activities.
- Chinese APT Targets Indian Banks, Korean Policy Circles
Chinese Advanced Persistent Threat (APT) groups are targeting Indian banks and Korean policy institutions, using outdated tactics, techniques, and procedures (TTPs) to conduct espionage. The lack of modern methods suggests minimal effort in evading detection.