APT41
- TA415 Uses Visual Studio Code Remote Tunnels in Targeted U.S.-China Policy Espionage Campaign
A China-aligned threat actor known as TA415 carried out spear-phishing campaigns targeting U.S. policy and economic-relations circles, using VS Code Remote Tunnels and a Python loader, WhirlCoil, to establish a persistent backdoor and harvest data amid ongoing U.S.-China trade talks, according to Proofpoint.
- China-Linked APT41 Targets African IT Infrastructure in New Cyber Espionage Campaign
APT41, a China-linked cyber espionage group, has launched a targeted campaign against government IT services in Africa, using advanced malware techniques that involve a compromised SharePoint server for communication.