Researchers from SentinelLabs have disclosed a small but lethal China-linked APT that has gone undetected by security researchers for almost a decade. The researchers state that evidence suggests that the APT, named Aogin Dragon, has flown under the radar since 2013. During this time, they have been running cyberattack campaigns against companies and organizations in the education, government, and telecommunications sectors. The attacks primarily target Southeast Asia and Australia. It’s possible that the group has an association to another APT called UNC94, SentinelLabs reported.
Researchers state that one of the techniques this group uses is to leverage pornographic themes in order to entice targets to download malicious documents. Aogin Dragon commonly seeks initial access through document exploits such as this one. However, the group has been operating for a decade, during which they have shifted their tactics significantly. This evolution has allowed them to remain undetected for so long.
Read More: China-linked APT Flew Under Radar for Decade
