TA413

Pierluigi Paganini September 26, 2022
China-linked TA413 group targets Tibetan entities with new backdoor

China-linked cyberespionage group TA413 exploits employ a never-before-undetected backdoor called LOWZERO in attacks aimed at Tibetan entities. A China-linked cyberespionage group, tracked as TA413 (aka LuckyCat), is exploiting recently disclosed flaws in Sophos Firewall (CVE-2022-1040) and Microsoft Office (CVE-2022-30190) to deploy a never-before-detected backdoor called LOWZERO in attacks aimed at Tibetan entities. The TA413 APT group is known to be focused […]

Pierluigi Paganini February 26, 2021
China-linked TA413 group target Tibetan organizations

The Chinese hacking group, tracked as TA413, used a malicious Firefox add-on in a cyberespionage campaign aimed at Tibetans. China-linked cyberespionage group TA413 targeted Tibetan organizations across the world using a malicious Firefox add-on, dubbed FriarFox, that allowed them to steal Gmail and Firefox browser data and deliver malware on infected systems. “We attribute this […]