3 matches found
The Unseen Thread Linking Sandman APT and KEYPLUG Backdoor
Summary: The Sandman Advanced Persistent Threat APT is closely linked to suspected threat clusters originating from China, specifically identified as Storm-0866, also known as Red Dev 40. Within the same victim environments, the Sandmans Lua-based malware, LuaDream, and the KEYPLUG backdoor have...
Researchers Unmask Sandman APT's Hidden Link to China-Based KEYPLUG Backdoor
Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat APT called Sandman and a China-based threat cluster that's known to use a backdoor referred to as KEYPLUG. The assessment comes jointly from SentinelOne, PwC, and the Microsoft Threat Intelligenc...
Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents
A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunication providers in the Middle East, Western Europe, and the South Asian subcontinent. Notably, the intrusions leverage a just-in-time JIT compiler for the Lua programming...