Keeping Knowledge Free for Over a Decade

CarderBee hacking group targets organizations in Asia

posted onAugust 23, 2023

by l33tdawg

Silicon Angle

Credit: Silicon Angle

An unknown advanced persistent threat group has been observed attacking organizations in Asia, particularly Hong Kong, using commercial software to deploy “backdoor” malware.

Dubbed “CarderBee” by researchers at Symantec, the hacking group uses Cobra DocGuard Client, a software package designed to allow users to access and manage their Consolidated Omnibus Budget Reconciliation Act documents to gain access to victim’s machines.

The Cobra DocGuard Client is said to have been designed by Chinese company EsafeNet. That’s where the story gets interesting. According to the researchers, CarderBee uses PlugX, a malware family used by Chinese state-backed threat groups — so Chinese-designed software is being compromised by Chinese state-sponsored actors.

Source

Tags

Security

previous article

You May Also Like

Recent News

Friday, May 10th

Boeing Confirms Lockbit Hackers Wanted $200 Million Ransom After 2023 Hack

Dell discloses data breach of customers’ physical addresses

Poland says it was targeted by Russian military intelligence hackers

Leaked FBI email stresses need for warrantless surveillance of Americans

Stack Overflow users sabotage their posts after OpenAI deal

Fedora Asahi Remix 40 is another big step forward for Linux on Apple Silicon Macs

6 Practical Tips for Using Anthropic's Claude Chatbot

Thursday, May 9th

OpenAI Is ‘Exploring’ How to Responsibly Generate AI Porn

Dell responds to return-to-office resistance with VPN, badge tracking

Hands-on with the new iPad Pros and Airs: A surprisingly refreshing refresh

Wednesday, May 8th

Chinese Hackers Deployed Backdoor Quintet to Down MITRE

Apple announces M4 with more CPU cores and AI focus

Boeing says workers skipped required tests on 787 but recorded work as completed

Ransomware mastermind LockBitSupp has been ID’d

OpenAI’s flawed plan to flag deepfakes ahead of 2024 elections

Tuesday, May 7th

Indian police adopt facial recognition despite risk of massive data breaches

Cybersecurity Workforce Sustainability Has a Problem

New Cuckoo macOS malware can take over all Macs and steals your passwords too

Apple’s iPhone Spyware Problem Is Getting Worse

Tesla announces fourth round of layoffs in four weeks

New Microsoft AI model may challenge GPT-4 and Google Gemini

Novel attack against virtually all VPN apps neuters their entire purpose

Hackers discover how to reprogram NES Tetris from within the game

Monday, May 6th

NASA hasn’t landed on the Moon in decades—China just sent its third in six years

Counterfeit Cisco gear ended up in US military bases, used in combat operations

Microsoft plans to lock down Windows DNS like never before. Here’s how.

These dangerous scammers don’t even bother to hide their crimes

Friday, May 3rd

Iranian state-backed cyber spies continue to impersonate media brands, think tanks

Malware attacks on Docker Hub spread millions of malicious repositories

Want to Buy a Decommissioned Supercomputer? Here’s Your Chance

Maximum-severity GitLab flaw allowing account hijacking under active exploitation

Would You Still Use Google if It Didn't Pay Apple $20 Billion to Get on Your iPhone?

Thursday, May 2nd

Nvidia's flagship gaming GPU can crack complex passwords in under an hour

The US Government Is Asking Big Tech to Promise Better Cybersecurity

Email reveals Microsoft's rushed decision to invest in OpenAI