REPORTS

APT Activity Report

May 15, 2024

This report summarizes notable activities of selected advanced persistent threat (APT) groups that were documented by ESET researchers from October 2023 until the end of March 2024. The highlighted operations are representative of the broader landscape of threats we investigated during this period, illustrating the key trends and developments, and contain only a fraction of the cybersecurity intelligence data provided to customers of ESET’s private APT reports.

In the monitored timeframe, several China-aligned threat actors exploited vulnerabilities in public-facing appliances, such as VPNs and firewalls, and software, such as Confluence and Microsoft Exchange Server, for initial access to targets in multiple verticals. Based on the data leak from I-SOON (Anxun), we can confirm that this Chinese contractor is indeed engaged in cyberespionage. We track a part of the company’s activities under the FishMonger group. In this report, we also introduce a new China-aligned APT group, CeranaKeeper, distinguished by unique traits yet possibly sharing a digital quartermaster with the Mustang Panda group.

SHARE:
Price: FREE

About the Provider

ESET
ESET began life as a pioneer of antivirus protection, creating award-winning threat detection software. Now, ESET’s goal is to make sure that everybody can enjoy the breathtaking opportunities that technology offers. Today, our security solutions allow businesses and consumers in more than 200 countries and territories to make the most of the digital world.

TOPICS

Cyber warfare