China-linked APT Gelsemium uses a new Linux backdoor dubbed WolfsBane

China-linked APT Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane in attacks targeting East and Southeast Asia.

Security Affairs

The best part of studying the #WolfsBane (#Gelsemium) #Malware samples is the cornucopia of malicious behaviors it has to learn from: from discovery to evasion to persistence. It's my first time seeing ELF binaries with critical content hidden in wide character encoding (16-bit little endian) and multiple concatenated ELF programs in a single file.

... but what's with the `en_US.UTF-8` reference?
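The post above describes two traits worth checking for during triage: configuration hidden as UTF-16LE ("wide") text that an ASCII `strings` pass misses, and several ELF programs concatenated into one file. The following added example (my own code, not from the post, the ESET research, or the malware) is a small Python triage helper that locates every ELF magic in a blob, carves the file at those offsets, and extracts UTF-16LE string runs. The sample file it scans is constructed inline from a minimal synthetic ELF64 header and a made-up path; nothing in it comes from a real sample.

```python
import re
import struct

ELF_MAGIC = b"\x7fELF"


def find_elf_offsets(data: bytes) -> list[int]:
    """Return every offset at which an ELF magic appears.

    More than one hit in a single file is a strong hint that ELF programs have
    been concatenated (for example a loader with a payload appended), which a
    header-only parser would never see.
    """
    return [m.start() for m in re.finditer(re.escape(ELF_MAGIC), data)]


def carve_elf_segments(data: bytes) -> list[bytes]:
    """Split the blob at each ELF magic so every embedded program can be
    hashed or inspected separately."""
    offsets = find_elf_offsets(data)
    bounds = offsets + [len(data)]
    return [data[bounds[i]:bounds[i + 1]] for i in range(len(offsets))]


def extract_utf16le_strings(data: bytes, min_len: int = 6) -> list[str]:
    """Extract runs of printable ASCII encoded as UTF-16LE (byte, NUL, byte, NUL...).

    A plain ASCII strings pass does not report these because every other byte
    is a NUL; matching the interleaved pattern recovers them.
    """
    pattern = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    return [m.group().decode("utf-16-le") for m in pattern.finditer(data)]


def triage(data: bytes) -> dict:
    """Summarise both indicators for an analyst or a detection pipeline."""
    offsets = find_elf_offsets(data)
    return {
        "elf_offsets": offsets,
        "concatenated": len(offsets) > 1,
        "wide_strings": extract_utf16le_strings(data),
    }


def build_sample() -> bytes:
    """Constructed test input: two minimal ELF64 headers with a hidden
    UTF-16LE path between them. Not a runnable binary and not a real sample."""
    e_ident = ELF_MAGIC + bytes([2, 1, 1, 0]) + b"\x00" * 8  # ELFCLASS64, little-endian
    # e_type, e_machine, e_version, e_entry, e_phoff, e_shoff, e_flags,
    # e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx
    header = e_ident + struct.pack(
        "<HHIQQQIHHHHHH", 2, 62, 1, 0x401000, 64, 0, 0, 64, 56, 1, 64, 0, 0
    )
    hidden = "/tmp/.constructed/sample.conf".encode("utf-16-le")  # made-up path
    return (
        header
        + b"\x00" * 16
        + b"plain ascii\x00"  # visible to ordinary strings, ignored by the wide scan
        + b"\x00" * 3
        + hidden
        + b"\x00\x00"
        + header  # second ELF program appended to the first
        + b"\x00" * 32
    )


if __name__ == "__main__":
    report = triage(build_sample())
    print(report)
```

Run on a real file, `triage(open(path, "rb").read())` reports the offsets of every embedded ELF and any wide-character strings; treating `concatenated == True` or an unexpected wide string as a reason for deeper analysis is a reasonable, low-noise detection rule.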

Chinese hackers target Linux with new WolfsBane malware

Researchers have discovered a new Linux backdoor, named 'WolfsBane', which is reportedly a port of Windows malware that the Chinese 'Gelsemium'

Tech Nieuws
New Linux variants from Chinese APT Gelsemium threaten cybersecurity

Chinese cyber threat group Gelsemium has expanded its activities to Linux systems. The group, which is known for its advanced persistent threat

Tech Nieuws
Is Gelsemium APT behind an attack in Southeast Asian Govt?

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023.

Security Affairs

I hope everyone is having a good weekend!

The Palo Alto Networks Unit 42 research team discovered some activity that they attributed to a very stealthy and rarely seen APT, #Gelsemium. They target a diverse group of industries but use tools like #CobaltStrike, #MetaSploit, and #ChinaChopper but also used the Potato Suite that was seen as JuicyPotato.exe (who can't appreciate that?!). This was a great weekend read and I hope you all enjoy it as much as I did! Happy Hunting!

Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government
https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/

#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday

Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government

Threat activity targeting a Southeast Asian government could provide insight into the workings of APT Gelsemium. We examine the rare TTPs we observed in two attacks.

Unit 42

#carolinajasmine first on March 3rd, 2022, then 202 days later, September 21st, 2022:

#flowers #gelsemium #gelsemiumsempervirens