Google said Wednesday that it caught suspected People’s Republic of China-backed hackers leveraging its Calendar service to help stealthily stage attacks on government agencies. In late October of last year, Google Threat Intelligence Group said it “discovered an exploited government website hosting malware being used to target multiple other government entities,” the company’s Patrick Whitsell…
Category: Winnti
APT41, Asia Pacific, backdoor, china, Cybercrime, Geopolitics, Global Security News, Government, malware, nation-state hackers, php, QiAnXin, Threats, Winnti
PHP backdoor looks to be work of Chinese-linked APT group
Cybersecurity researchers at a China-based cybersecurity company have uncovered an advanced PHP backdoor that suggests a new asset in the arsenal of Chinese-linked Advanced Persistent Threat group Winnti. Researchers at QiAnXin’s XLab discovered the backdoor, which they titled Glutton, targeting China, the United States, Cambodia, Pakistan, and South Africa. After initially discovering the malware in…