Malware pathologists have noted a return to "business as usual" as groups associated with Chinese state interests turned their attentions back to Tibetan matters after a European dalliance earlier this year.
The global pandemic represented a golden opportunity for miscreants and, according to analysis from cybersecurity outfit Proofpoint, several noted Advanced Persistent Threat (APT) groups adopted COVID-19 phishing lures masquerading as World Health Organization (WHO) advice.
Back in March, a phishing campaign attempted to deliver the "Sepulcher" malware to various European institutions (including nonprofits and legislative bodies) with a sender email identified as being linked to historical Chinese APT targeting of the Tibetan community, Proofpoint said.
The malware itself was delivered via a weaponised .RTF attachment, impersonating a WHO document, and was delivered on 16 March. Executing the attachment began a sequence of events that left a malicious .WMF on disk. Firing up that ..
Support the originator by clicking the read the rest link below.
