Pierluigi Paganini September 26, 2022
China-linked TA413 group targets Tibetan entities with new backdoor

China-linked cyberespionage group TA413 exploits employ a never-before-undetected backdoor called LOWZERO in attacks aimed at Tibetan entities. A China-linked cyberespionage group, tracked as TA413 (aka LuckyCat), is exploiting recently disclosed flaws in Sophos Firewall (CVE-2022-1040) and Microsoft Office (CVE-2022-30190) to deploy a never-before-detected backdoor called LOWZERO in attacks aimed at Tibetan entities. The TA413 APT group is known to be focused […]

Pierluigi Paganini August 24, 2015
Cyber espionage campaign targets India and Tibetan activists

Security experts at FireEye uncovered a cyber espionage campaign that targeted organizations in India and the Tibetan activists. Security firm FireEye revealed an intense activity of hackers based in China particularly interested in entities and organization linked to the Indian Government as well as in information on Tibetan activists. Also in this case we are dealing […]

Pierluigi Paganini November 19, 2014
Gh0st RAT used in targeted attacks against Tibetan activists

APT actors trying to use the G20 2014 summit as a lure to compromise Tibetan nongovernmental organizations (NGOs) with Gh0st RAT. Security experts at ESET uncovered a new series of cyber attacks that targeted Tibetan nongovernmental organizations (NGOs) concurrently with the G20 2014 summit in Brisbane, Australia. The experts discovered that APTs behind the attacks used a strain of the Gh0st RAT characterized […]

Pierluigi Paganini March 27, 2013
First APT attack on Android targeted Tibetan & Uyghur activists

Read about APT attacks has become customary, even easier to hear of attacks against political dissidents or minorities as Tibetan and Uyghur activists, but never before has been exploited the Android platform for this type of offensive. In the past Tibetan minorities have been already targeted with malware able to infect Windows and Mac OSs, […]

Pierluigi Paganini September 23, 2012
Eset on Flashback malware, interesting info to prevent further attacks

Reports from main security firms confirm the increasing growth of cyber attacks based on malware, in particular the large diffusion of Apple products has made them desirable targets. The explosion of malicious agents designed for Apple OS X operating system as surprised Apple users that have found themselves suddenly vulnerable exactly such as users of […]

Pierluigi Paganini June 30, 2012
Dalai Lama + Mac OS X = APT with Tibet malware

Another excellent discovery of the active experts of Kaspersky Labs that have identified a new variant of the malware used in Tibet against Uyghur hacktivists, a Turkic ethnic group living in Eastern and Central Asia. The instance of Tibet malware detected infects OS X machines and is spread following a consolidated schema for politically motivated […]

Pierluigi Paganini April 02, 2012
Chinese hackers & Operation ‘Luckycat’ against Japan, Tibet and India

Recently experts monitored several targeted attacks against Tibetan activist organizations including the International Campaign for Tibet and the Central Tibet Administration. Researchers suspect the involvement of China and on groups of hackers sponsored by the Beijing government. In multiple cases, we have seen how the Chinese government promotes and supports from the economic point of view […]