Recorded Future

Cybercriminal Campaign Spreads Infostealers, Highlighting Risks to Web3 Gaming

The campaign targets Web3 gamers, exploiting their potential lack of cyber hygiene in the pursuit of profits. It represents a significant cross-platform threat, utilizing a variety of malware to compromise users' systems.

RedAlpha Conducts Multi-Year Credential Theft Campaign Targeting Critical Entities Globally

Chinese state-sponsored threat activity group RedAlpha has been registering and weaponizing hundreds of domains spoofing global organizations to target government organizations and think tanks globally.

China-Linked Group TAG-28 Targets India’s “The Times Group” and Government Agency UIDAI With Winnti Malware

Researchers reported suspected intrusions targeting the Indian media conglomerate The Times Group; the Unique Identification Authority of India (UIDAI); and the Madhya Pradesh Police department.

Suspected Chinese Group Exploiting Microsoft Exchange Servers

Beginning on March 1, 2021, Recorded Future’s Insikt Group identified a large increase in victim communications to PlugX command and control (C2) infrastructure publicly attributed to the suspected Chinese state-sponsored group Calypso APT.

SolarWinds Attribution: Are We Getting Ahead of Ourselves?

FireEye has named the threat actor “UNC2452,” and Volexity dubbed the threat actor “Dark Halo,” stating that the actor is the same as UNC2452, though FireEye has not substantiated that claim.

cPanel and WHM Vulnerability Easy to Exploit With Dark Web Credentials

Threat actors in criminal underground forums are actively discussing this vulnerability and other exploits used to compromise cPanel, making valid cPanel credentials a valuable commodity right now.

Tibet and Taiwan Targeted in Spearphishing Campaigns Using MESSAGEMANIFOLD Malware

In October 2020, during an investigation of a spearphishing campaign targeting the Tibetan community, Insikt Group discovered links to an unknown threat activity group that also targeted Taiwan.

New APT32 Malware Campaign Targets Cambodian Government

In June 2020, Insikt Group reported on new APT32 operational infrastructure identified through a proprietary method of tracking malware activity associated with APT32, such as METALJACK and DenisRAT.

Ransomware-as-a-Service Becomes Increasingly Accessible via Social Media and Open Sources

Several threat actors have recently taken to popular sites like YouTube, Vimeo, and Sellix to advertise and demonstrate their discount-priced $40 ransomware-as-a-service (RaaS) builder called ZagreuS.

Global Credential Harvesting Campaign Discovered Using FiercePhish Open Source Framework

The campaign, which is hosted on Russian domain infrastructure but does not target Russian users, is globally harvesting credentials from a variety of organizations in the public and private sectors.
