Chinese APT group spying on Vietnam military with FoundCore RAT


According to Kaspersky researchers, Cycldek, a Chinese APT group, is targeting Vietnam’s government and military organizations in a new cyberespionage campaign.


According to a report by Kaspersky researchers, a Chinese-speaking threat group called Cycldek, also known as Lucky Mouse, APT 27, Goblin Panda, and Conimes, is spying on the Vietnamese government and military organizations.


It is an APT (advanced persistent threat) group. As per their analysis, this group has been active since 2013.


A further probe revealed that dozens of computers have been targeted in this campaign so far. Almost 80% are located in Vietnam, while the remaining 20% are located in Thailand and Central Asia.




Kaspersky researchers claim that other targeted sectors included education, healthcare, and diplomacy apart from government and military. The campaign seems like a local threat, but the attack chain may be extended to other regions in the near future, researchers assessed.

Hackers Delivering FoundCore RAT


The primary motive behind this campaign is to spy on the Vietnamese government and military entities. In this advanced cyber-espionage campaign, threat actors use a remote-access tool to carry out their malicious spying operations.


Reportedly, Cycldek has used several new tactics representing a significant “advancement in terms of sophistication,” as they are using FoundCore malware. This marks a huge step forward in their espionage tools. FoundCore lets attackers manipulate the filesystem, capture screenshots, manipulate processes, and execute arbitrary commands.


Campaign Relying on DLL Side-Loading Triad