"Chinese APT Targets Hong Kong in Supply Chain Attack"
Researchers have discovered that an emerging China-backed Advanced Persistent Threat (APT) group dubbed Carderbee targeted Hong Kong organizations in a supply chain attack involving legitimate software to deploy the PlugX/Korplug backdoor. The Symantec Threat Hunter Team disclosed that Carderbee used a compromised version of Cobra DocGuard, an application for protecting, encrypting, and decrypting software developed by the Chinese company EsafeNet, to get access to victims' networks. During the attack, the group used its PlugX installer malware signed with another legitimate entity, a Microsoft certificate. This article continues to discuss the Carderbee APT group targeting organizations in Hong Kong in a supply chain attack.
Dark Reading reports "Chinese APT Targets Hong Kong in Supply Chain Attack"