Skip to main content

CarderBee hacking group targets organizations in Asia

posted onAugust 23, 2023
by l33tdawg
Silicon Angle
Credit: Silicon Angle

An unknown advanced persistent threat group has been observed attacking organizations in Asia, particularly Hong Kong, using commercial software to deploy “backdoor” malware.

Dubbed “CarderBee” by researchers at Symantec, the hacking group uses Cobra DocGuard Client, a software package designed to allow users to access and manage their Consolidated Omnibus Budget Reconciliation Act documents to gain access to victim’s machines.

The Cobra DocGuard Client is said to have been designed by Chinese company EsafeNet. That’s where the story gets interesting. According to the researchers, CarderBee uses PlugX, a malware family used by Chinese state-backed threat groups — so Chinese-designed software is being compromised by Chinese state-sponsored actors.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th