2007, File names, Libraries and Security - Information Management Today

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

Winnti (aka APT41 , Axiom, Barium , Blackfly) is a cyberespionage group that has been active since at least 2007. Like the sample analyzed by Cyberreason, the Spyder Loader sample analyzed by Symantec uses the CryptoPP C++ library. ” continues the report. Follow me on Twitter: @securityaffairs and Facebook.

File names

File names Encryption Manufacturing Libraries

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

JULY 20, 2023

The APT41 group, aka Winnti , Axiom, Barium , Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. These commands include instructing the malware to upload log files, photos stored on the device, and acquire device location using the Baidu Location library.” government.

File names

File names Libraries Cybersecurity IT

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

This is part of a giant list of Living off the Land (LOL) techniques that attackers employ to mask their activities from runtime endpoint security monitoring tools such as AVs. File name: patent-2019-02-20T093A283A05-1.xls File name : 68131_46_20190219.doc Technical Analysis.

File names

File names Phishing Libraries IT

China-linked APT41 group targets Hong Kong with Spyder Loader

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Stay Connected