Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
| (844) 627-8267

Chinese hackers targeted Iranian government entities for months: Report | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Chinese advanced persistent threat actor, Playful Taurus, targeted several Iranian government entities between July and December 2022, according to a Palo Alto Networks report. 

The Chinese threat actor also known as APT15, KeChang, NICKEL, BackdoorDiplomacy, and Vixen Panda, was observed attempting to connect government domains to malware infrastructure previously associated with the APT group, according to the report.

“Playful Taurus continues to evolve their tactics and their tooling. Recent upgrades to the Turian backdoor and new C2 infrastructure suggest that these actors continue to see success during their cyber espionage campaigns,” Palo Alto Networks said in a blog. 

“Our analysis of the samples and connections to the malicious infrastructure suggest that Iranian government networks have likely to been compromised,” the cybersecurity firm added. 

The firm has also cautioned that the threat actor has been deploying the same tactics and techniques against other government and diplomatic entities across North and South America, Africa, and the Middle East.

Playful Taurus deployed new version of Turian malware

In the recent attacks against government entities in Iran, the researchers observed Playful Taurus was using a new version of the Turian malware and a new command and control (C2) infrastructure. 

Copyright © 2023 IDG Communications, Inc.


Click Here For The Original Story From This Source.

National Cyber Security