The Chinese threat actor known as APT31 has been linked to a set of advanced backdoors that are capable of exfiltrating harvested sensitive information to Dropbox, Kaspersky says.
The attackers aimed to establish a permanent channel for data exfiltration, including data stored on air-gapped systems, Kaspersky said in an analysis spotlighting APT31's previously undocumented tradecraft.
The intrusions employ a three-stage malware stack, with each stage focused on a different aspect of the attack chain: setting up persistence, gathering sensitive data, and transmitting the information to a remote server under the attackers' control.
A third similar implant is configured to send the data via the Yandex email service.
Abusing popular cloud-based data storages may allow the threat actor(s) to evade security measures, the company said.