Recently, the China-based BlackTech cyberspies have adopted advanced malicious tools in their recent cyber-attacks. The security researchers from Symantec have revealed that they have started targeting the United States.
This hacking group is also known as Palmerworm and is active since 2013. Symantec analyzed the campaigns that ran from August 2019 to August 2020 that used dual-use tools and a latest custom malware suite. It claimed that the hackers targeted organizations in electronics, construction, media, finance, and engineering – across the US, Japan, Taiwan, and China.
As mentioned by Symantec in the report – “We have not observed the group using these malware families in previous attacks – they may be newly developed tools or the evolution of older Palmerworm tools.”