Lucene search
K

7 matches found

The Hacker News
The Hacker News
added 2025/09/27 12:6 p.m.13 views

China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks

Telecommunications and manufacturing sectors in Central and South Asian countries have emerged as the target of an ongoing campaign distributing a new variant of a known malware called PlugXaka Korplug or SOGU. "The new variant's features overlap with both the RainyDay and Turian backdoors,...

7.5AI score
Exploits0
Securelist
Securelist
added 2021/08/12 10:0 a.m.616 views

IT threat evolution Q2 2021

Targeted attacks The leap of a Cycldek-related threat actor It is quite common for Chinese-speaking threat actors to share tools and methodologies: one such example is the infamous "DLL side-loading triad": a legitimate executable, a malicious DLL to be side-loaded by it and an encoded payload,...

9.3CVSS0.99999EPSS
Exploits84
The Hacker News
The Hacker News
added 2021/04/06 7:47 a.m.10 views

Hackers From China Target Vietnamese Military and Government

A hacking group related to a Chinese-speaking threat actor has been linked to an advanced cyberespionage campaign targeting government and military organizations in Vietnam. The attacks have been attributed with low confidence to the advanced persistent threat APT called Cycldek or Goblin Panda,...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/06/04 8:31 a.m.1852 views

New USBCulprit Espionage Tool Steals Data From Air-Gapped Computers

A Chinese threat actor has developed new capabilities to target air-gapped systems in an attempt to exfiltrate sensitive data for espionage, according to a newly published research by Kaspersky yesterday. The APT, known as Cycldek, Goblin Panda, or Conimes, employs an extensive toolset for latera...

9.3CVSS0.99966EPSS
Exploits48
The Hacker News
The Hacker News
added 2020/06/04 8:31 a.m.5 views

New USBCulprit Espionage Tool Steals Data From Air-Gapped Computers

A Chinese threat actor has developed new capabilities to target air-gapped systems in an attempt to exfiltrate sensitive data for espionage, according to a newly published research by Kaspersky yesterday. The APT, known as Cycldek, Goblin Panda, or Conimes, employs an extensive toolset for latera...

5.8AI score
Exploits0
ThreatPost
ThreatPost
added 2020/06/03 8:51 p.m.54 views

Sophisticated Info-Stealer Targets Air-Gapped Devices via USB

The Cycldek APT group has added a previously unknown malware dubbed USBCulprit to its arsenal, aimed at reaching air-gapped devices. Cycldek a.k.a. Goblin Panda, APT 27 and Conimes has been targeting governments in Southeast Asia since 2013, according to analysis from Kaspersky, and has been...

0.2AI score
Exploits0References2
Securelist
Securelist
added 2020/06/03 10:0 a.m.957 views

Cycldek: Bridging the (air) gap

Key findings While investigating attacks related to a group named Cycldek post 2018, we were able to uncover various pieces of information on its activities that were not known thus far. In this blog post we aim to bridge the knowledge gap on this group and provide a more thorough insight into it...

9.3CVSS0.99966EPSS
Exploits48
Rows per page
Query Builder