China-backed hacker activity tracked

 

China-backed hacker group Earth Longzhi is using new malware to target government organizations in Southeast Asia

The group's campaign is believed to have been active since at least 2018.

  • The group primarily uses spear-phishing emails to compromise its victims, with a particular focus on government entities and opposition figures in Myanmar and Vietnam.
  • The threat actor uses custom malware, such as a remote access trojan called Moudoor.
  • Researchers have linked the group to APT41 and believe that it may be affiliated with the Chinese government.
  • In addition to government organizations, the group has targeted healthcare organizations, technology companies, and manufacturing entities.
