Security researchers have identified a new malware campaign directed against a Chinese government agency in which the threat actors deployed an info-stealing malware known as Zegost. The malware is believed to have been used to gather some form of intelligence from the agency. The campaign was discovered by researchers from Fortinet, who report that the malware performs a number of malicious actions after infecting target machines.
The big picture
An emerging campaign
Fortinet researchers also indicate that the campaign's scope is slowly expanding. “At the time of our discovery, as well as during our initial observation of this spearphishing campaign, we were curious to see if this was a one-off campaign. However, our analysis now confirms that this is an emergent campaign that was in progress at the time we discovered it,” wrote the researchers.
The campaign is also reported to share infrastructure with earlier campaigns that distributed malicious APKs, backdoors, and DDoS botnets, an overlap that suggests the same operators, or operators with access to the same hosting, were behind those earlier activities.