China-linked Alloy Taurus APT uses a Linux variant of PingPull malware
Security Affairs
APRIL 26, 2023
China-linked threat actor tracked as Alloy Taurus is using a Linux variant of the PingPull backdoor and a new tool dubbed Sword2033. However, the attackers chose a domain name that gives the impression of a connection to the South African military. org over port 8443 for C2. Experts added that the IP 196.216.136[.]139 softether[.]net
Let's personalize your content