APT Attack Injects Malware into Windows Error Reporting

The fileless attack uses a phishing campaign that lures victims with information about a worker’s compensation claim.

Android Campaign from Known OceanLotus APT Group Potentially Older than Estimated, Abused Legitimate Certificate

A group of sophisticated threat actors known as OceanLotus or PhantomLance has recently become known for disseminating advanced Android threats via official and third-party marketplaces since 2014. They have sought to remotely control infected devices,…

Sophisticated Android Spyware Attack Spreads via Google Play

The PhantomLance espionage campaign is targeting specific victims, mainly in Southeast Asia — and could be the work of the OceanLotus APT.

OceanLotus, Russia, & Google – Paul’s Security Weekly #599

In the Security News, Attackers exploiting IMAP to bypass MFA on O365 and G-Suite accounts, Vietnam’s OceanLotus Group Ramps up hacking car companies, UC Browser violates Google Play Store Rules, & how Russia is spoofing GPS Signals on a mas…

ESET: Vietnamese hacking group hijacks Southeast Asian sites in watering hole campaign

A prominent Vietnam-linked hacking group is exploiting a number of Southeast Asian organizations’ websites to deliver malware that extracts detailed information about victims’ systems, researchers say. According to a report released Tuesday by Slovakian cybersecurity company ESET, the threat group APT32, also known as OceanLotus Group, has been conducting watering hole attacks using at least 21 vulnerable websites belonging to government, media and other organizations as far back as September. APT32 is believed to be based in Vietnam and possibly linked to its government. Past research has shown APT32 to be a highly capable threat group that targets a wide variety of public and private organizations with customized tools for each target. Similarly, this campaign shows APT32 using a unique domain and server for each website it’s using as a watering hole, and the group only sends additional payloads to specific victims, according to ESET. ESET said it notified 21 website […]

The post ESET: Vietnamese hacking group hijacks Southeast Asian sites in watering hole campaign appeared first on Cyberscoop.