Advanced Persistent Threat Targeting Vietnamese Human Rights Defenders | Huntress

Huntress identified an intrusion against a non-profit supporting Vietnamese human rights that’s likely spanned years. Jump in as we provide a thorough analysis of this malicious threat actor.

via: @campuscodi

QiAnXin published a report on the recent attacks of #OceanLotus (#APT32) that targeted Chinese organizations throughout 2021.

The group allegedly used 3 zero-day #vulns:

+1 in an unnamed antivirus product
+2 in an unnamed workstation management system. More here (in Chinese): https://mp.weixin.qq.com/s/pd6fUs5TLdBtwUHauclDOQ | #infosec #espionage #malware

Amnesty International has found evidence in phishing emails that the group Ocean Lotus spied on a Vietnamese blogger living in Germany.
Ocean Lotus: Cyberattacks on activists from Vietnam in Germany

Mac users warned of more Ocean Lotus malware targeted attacks

Security researchers have warned of the latest incarnation of a backdoor trojan horse that has been used in the past to target Mac users. If you're a Mac user, I really hope you're running anti-virus…

Mac users warned of more Ocean Lotus malware targeted attacks - Security researchers have warned of the latest incarnation of a backdoor trojan horse that has bee... https://grahamcluley.com/mac-users-warned-of-more-ocean-lotus-malware-targeted-attacks/ #oceanlotus #malware #macos

Vietnamese APT group has taken up mining alongside its cyber-espionage operations #Вьетнам, #майнинг, #APT, #OceanLotus, #Microsoft https://www.securitylab.ru/news/514469.php https://twitter.com/SecurityLabnews/status/1333711194872553472/photo/1
Vietnamese APT group has taken up mining alongside its cyber-espionage operations

It appears the cyber spies are looking for ways to gain financial benefit from systems compromised as part of cyber-espionage operations.

MacOS Users Targeted By OceanLotus Backdoor - The new backdoor comes with multiple payloads and new detection evasion tactics. https://threatpost.com/macos-users-targeted-oceanlotus-backdoor/161655/ #vietnamesecyberattack #microsoftword #oceanlotusapt #macosmalware #oceanlotus #ziparchive #backdoor #malware #payload #apt32 #macos
MacOS Users Targeted By OceanLotus Backdoor

The new backdoor variant comes with multiple payloads and new detection evasion tactics.

Threatpost - English - Global - threatpost.com

Hackers use the WER service in fileless cyberattacks #кибератака, #Malwarebytes, #OceanLotus https://www.securitylab.ru/news/512802.php https://twitter.com/SecurityLabnews/status/1313737082171523072/photo/1
Hackers use the WER service in fileless cyberattacks

The Vietnamese cyber-espionage group APT32 is presumably behind the new malicious campaign.

APT Attack Injects Malware into Windows Error Reporting

The fileless attack uses a phishing campaign that lures victims with information about a worker’s compensation claim.
