OceanLotus Targets Vietnam with SPECTRALVIPER Spyware

🔗 https://cybersecurefox.com/en/oceanlotus-spectralviper-vietnam-campaigns

#OceanLotus #APT32 #SPECTRALVIPER #FireAnt #Metakit #Vietnam #cyber #espionage

📰 Vietnam's OceanLotus APT Pivots to Domestic Spying, Hits Construction and Finance Sectors

Vietnam's OceanLotus APT (APT32) pivots to domestic spying, targeting construction and finance. New campaigns include a supply-chain attack on FireAnt stock software, deploying the SPECTRALVIPER backdoor. 🇻🇳 #APT32 #OceanLotus #CyberEspionage

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/vietnam-apt-oceanlotus-targets-domestic-firms-spy-campaigns/?utm_sourc…

APT32 Hacker Group Attacking Cybersecurity Professionals Poisoning GitHub
https://gbhackers.com/apt32-hacker-group-poisoning-github/

#Infosec #Security #Cybersecurity #CeptBiro #APT32 #HackerGroup #GitHub

Thanks SC Magazine, for allowing me to provide a little detail on #APT32 and some of the organised crime groups in Vietnam, alongside @WithSecureLabs' recent report on the recent use of #DarkGate #malware.

#APT #DFIR #IncidentResponse

https://www.scmagazine.com/news/hackers-target-u-s-facebook-biz-accounts-with-potent-malware-cocktail

via: @campuscodi

QiAnXin published a report on the recent attacks of #OceanLotus (#APT32) that targeted Chinese organizations throughout 2021.

The group allegedly used 3 zero-day #vulns:

+1 in an unnamed antivirus product
+2 in an unnamed workstation management system. More here (in Chinese): https://mp.weixin.qq.com/s/pd6fUs5TLdBtwUHauclDOQ | #infosec #espionage #malware

APT32 годами атакует вьетнамских правозащитников с помощью шпионского ПО #APT32, #кибершпионаж, #Вьетнам https://t.co/MMlV8kq3Xj https://t.co/fVcDCYCj3o

Источник: https://twitter.com/SecurityLabnews/status/1364837542676299777