Chinese-linked trojan found in breach of Western aerospace firm

A threat actor with “significant” links to a Chinese advanced hacking group was spotted attacking a western aerospace company, according to the cybersecurity firm Cylance. A remote access trojan (RAT) known as “Hacker’s Door” was discovered during a recent Cylance-led incident response when an unidentified western aerospace company was breached. Hacker’s Door dates back to 2004, but has rarely been found in the wild, due to being intermittently improved, updated and sold over the last decade. The connection to a Chinese APT comes in the form of a stolen certificate known to be used by the Winnti group. The link is described as “fairly significant in terms of attribution,” according to Cylance’s Tom Bonner, but not definitive. The RAT is being sold by a Chinese-language developer going by the name “yyt_hac” who timidly asks buyers to avoid “illegal” activity with the tool. The newest version of the tool is designed to run […]

The post Chinese-linked trojan found in breach of Western aerospace firm appeared first on Cyberscoop.
