Cybersecurity researchers have uncovered ongoing cyber espionage activities by Chinese-aligned threat actors, including UnsolicitedBooker targeting organizations in Saudi Arabia and other regions with sophisticated spear-phishing campaigns and custom backdoors. These threat groups deploy multiple malware tools and tactics, highlighting the persistent risks faced by governmental and international entities. #CyberEspionage #ThreatActors #Backdoors #SpearPhishing #China
Keypoints
- UnsolicitedBooker is a China-aligned threat actor targeting international organizations in multiple regions.
- The group uses spear-phishing emails with flight ticket decoys to infiltrate targets.
- They deploy backdoors such as MarsSnake, Chinoxy, and BeRAT for persistent access.
- Recent campaigns involved malicious Word documents with VBA macros to deliver malware.
- Other Chinese threat groups like PerplexedGoblin and DigitalRecyclers continue to target government entities with advanced malware.
Read More: https://thehackernews.com/2025/05/chinese-hackers-deploy-marssnake.html