APT32 Hacker Group Attacking Cybersecurity Professionals Poisoning GitHub

The malicious Southeast Asian APT group known as OceanLotus (APT32) has been implicated in a sophisticated attack.

GBHackers Security | #1 Globally Trusted Cyber Security News Platform

#APT32 has been exploiting spear-phishing to infiltrate and compromise a Vietnamese human rights organization for over four years. They deployed #CobaltStrike Beacons to steal sensitive data, including Google Chrome cookies and personal information. https://thehackernews.com/2024/08/vietnamese-human-rights-group-targeted.html

Vietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32

Vietnamese human rights group targeted by APT32 hackers in multi-year campaign. Malware used to compromise systems and steal data.

The Hacker News

Thanks SC Magazine, for allowing me to provide a little detail on #APT32 and some of the organised crime groups in Vietnam, alongside @WithSecureLabs' recent report on the recent use of #DarkGate #malware.

#APT #DFIR #IncidentResponse

https://www.scmagazine.com/news/hackers-target-u-s-facebook-biz-accounts-with-potent-malware-cocktail

Hackers target U.S. Facebook biz accounts with potent malware cocktail

Multiple threat actors are using a malware as a service toolset and targeting Facebook business accounts in the U.S., UK and India.

SC Media

via: @campuscodi

QiAnXin published a report on the recent attacks of #OceanLotus (#APT32) that targeted Chinese organizations throughout 2021.

The group allegedly used 3 zero-day #vulns:

+1 in an unnamed antivirus product
+2 in an unnamed workstation management system. More here (in Chinese): https://mp.weixin.qq.com/s/pd6fUs5TLdBtwUHauclDOQ | #infosec #espionage #malware

APT32 has been attacking Vietnamese human rights activists with spyware for years #APT32, #cyberespionage, #Vietnam https://t.co/MMlV8kq3Xj https://t.co/fVcDCYCj3o

Source: https://twitter.com/SecurityLabnews/status/1364837542676299777

APT32 has been attacking Vietnamese human rights activists with spyware for years

The attacks are part of an ongoing campaign aimed at surveilling Vietnamese human rights activists, bloggers and non-profit organizations.

Facebook Shutters Accounts Used in APT32 Cyberattacks - Facebook shut down accounts and Pages used by two separate threat groups to spread malware and con... https://threatpost.com/facebook-accounts-apt32-cyberattacks/162186/ #phishingattack #malwareattack #wateringhole #cyberattack #bangladesh #googleapps #googleplay #facebook #phishing #malware #hacks #apt32

Facebook Shutters Accounts Used in APT32 Cyberattacks

Facebook shut down accounts and Pages used by two separate threat groups to spread malware and conduct phishing attacks.

Threatpost - English - Global - threatpost.com

MacOS Users Targeted By OceanLotus Backdoor - The new backdoor comes with multiple payloads and new detection evasion tactics. https://threatpost.com/macos-users-targeted-oceanlotus-backdoor/161655/ #vietnamesecyberattack #microsoftword #oceanlotusapt #macosmalware #oceanlotus #ziparchive #backdoor #malware #payload #apt32 #macos

MacOS Users Targeted By OceanLotus Backdoor

The new backdoor variant comes with multiple payloads and new detection evasion tactics.

Threatpost - English - Global - threatpost.com

Windows Error Reporting: Hackers Abuse Service for Malware Attack

Security researchers at Malwarebytes report on an attack method that abuses the Windows Error Reporting service.

Tarnkappe

APT Attack Injects Malware into Windows Error Reporting

The fileless attack uses a phishing campaign that lures victims with information about a worker’s compensation claim.

Threatpost - English - Global - threatpost.com