New Cyber Threat: UTG-Q-015 Exploits 0-Days for Espionage in Asia

The Qi’anxin Threat Intelligence Center reports that the cyber threat group UTG-Q-015 has intensified targeted attacks using advanced exploit techniques against government, financial, and AI infrastructure. Their operations include web server vulnerability exploitation, watering hole attacks, and sophisticated intrusions into AI research and blockchain platforms. #CVE202138647 #CobaltStrike

Key points

  • UTG-Q-015 has escalated its cyber attacks since late 2024, focusing on high-profile sectors.
  • The group employs 0-day/N-day vulnerabilities to compromise government and enterprise websites.
  • Watering hole attacks targeting blockchain, Web3, and AI infrastructure have been documented.
  • Systems, once breached, are infected with backdoors like Cobalt Strike for lateral movement.
  • Recent focus includes AI-related Linux servers, suggesting espionage and advanced cyber reconnaissance.

Read More: https://securityonline.info/new-cyber-threat-utg-q-015-exploits-0-days-for-espionage-in-asia/