CyberNews Briefs

Chinese Hackers Target Europe, Tibetans With ‘Sepulcher’ Malware

On Wednesday, Proofpoint security researchers released a report detailing links between COVID-19 themed phishing attacks and APT TA413. TA413 has been active for almost a decade, well known for its use of the LuckyCat and ExileRAT malware. APT TA413 is a Chinese threat actor group that largely targets European diplomatic entities and organizations in Tibet.

However, the group has recently been tied to phishing attacks impersonating the World Health Organization, capitalizing on the current pandemic and public fear to lure victims into clicking malicious links that deliver the Sepulcher malware. Proofpoint researchers also tied TA413 to a separate campaign targeting Tibetan dissidents, attempting to deliver the same Sepulcher malware. According to Proofpoint, the group acted in the interest of the Chinese government, prioritizing intelligence collection for the majority of this year before reverting to their typical attacks and targeting later.

Read More: Chinese Hackers Target Europe, Tibetans With ‘Sepulcher’ Malware

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.