Chinese APT Group Uses New Tradecraft to Live Off the Land | dispatchist.com>
– “bankinfosecurity.com”
This article reports on how the Chinese advanced persistent threat (APT) group, Bronze Union, has developed complex new tradecraft to maliciously live off corporate networks and U.S. government systems. According to FireEye, the group has adapted a toolkit similar to what is employed by the Equation Group, which is believed to be an NSA hacking team. This includes the use of open-source tools, such as Mimikatz, as well as techniques such as remote-access Trojans, scripts, and PowerShell to gain access to networks and deploy malicious tools. The group is believed to be targeting enterprise, government, and sensitive information. The article also explains how FireEye was able to detect Bronze Union’s activities through their investigation into recent supply chain attacks. It then goes on to advise government and enterprise security teams to remain vigilant and monitor for any suspicious activity on their networks.
Link: https://dispatchist.com/news/chinese-apt-group-uses-new-tradecraft-to-live-off-the-land/