A well-known APT Hackers group “OceanLotus” breach the automobile giant BMW network, and successfully installed a hacking tool called “Cobalt Strike” which help them to spy and remotely control the system. Security experts from BMW spotted that hackers penetrate the company network system and remain stayed active since March 2019. The OceanLotus APT group believed […]
OceanLotus APT Group also known as APT32, SeaLotus, and CobaltKitty uses undetected Remote Access trojans Ratsnif to leverage network attack capabilities. The trojan was active since 2016, and it has features like packet sniffing, gateway/device ARP poisoning, DNS poisoning, HTTP injection, and MAC spoofing. The Cylance Threat Research Team detected four distinct samples of Ratsnif […]
Latest ESET research describes the inner workings of a recently found addition to OceanLotus’s toolset for targeting Mac users
A Well-known APT Group OceanLotus leveraging a steganography method to hide the encrypted malware payload within a .png image file to infect the targeted system. OceanLotus group known for Multiple attack campaigns around the globe, the threat actor group targets private sectors across multiple industries, foreign governments. Steganography, a method used by attackers to hide […]
ESET researchers detail the latest tricks and techniques OceanLotus uses to deliver its backdoor while staying under the radar
OceanLotus group known for Multiple attack campaigns around the globe, the threat actor group targets private sectors across multiple industries, foreign governments, activists, and dissidents connected to Vietnam. Palo Alto Networks’ Unit 42 division researchers observed a new custom malware family dubbed “KerrDown” used by the threat actor group since 2018. This ongoing campaign primarily […]
ESET researchers identified 21 distinct websites that had been compromised including some particularly notable government and media sites