Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers

28 July 2021

A Chinese cyberespionage group known for targeting Southeast Asia leveraged flaws in the Microsoft Exchange Server that came to light earlier this March to deploy a previously undocumented variant of a remote access trojan (RAT) on compromised systems. Attributing the intrusions to a threat actor named PKPLUG (aka Mustang Panda and HoneyMyte), Palo Alto Networks’ Unit 42 threat intelligence team said it identified a version of the modular PlugX malware called Thor that was delivered as a post-exploitation tool to one of the compromised servers.

Read full article on The Hacker News

Date:

28 July 2021

Categorie(s):

NEWS

Tag(s):

Cyber Attack, Exchanges, Microsoft Exchange Server, MS, Servers

Threat Modeling and Understanding Inherent Threats – Adam Shostack – ESW #35926 April 2024
Check Point delivers strong quarterly revenue growth but stock drops26 April 2024
Rubrik IPO signals potential cybersecurity-led tech market revival25 April 2024
Foreign states targeting sensitive research at UK universities, MI5 warns25 April 2024
Cops cuff man for allegedly framing colleague with AI-generated hate speech clip25 April 2024