A new report exposes Silver Fox, a sophisticated China-based APT group engaged in multi-stage cyber espionage targeting the healthcare and government sectors. The group uses backdoored medical software, cloud infrastructure, and advanced malware techniques to stealthily infect systems and establish persistence. #SilverFox #APT #ValleyRAT
Key points
- Silver Fox is a state-sponsored APT group targeting healthcare and public institutions in Asia.
- The group infects systems using trojanized medical software, phishing, and SEO poisoning.
- Backdoors are embedded in legitimate medical tools like Philips DICOM viewers to deliver malware.
- The group deploys encrypted payloads from Alibaba Cloud, including remote access tools and cryptominers.
- Defense strategies include deploying EDR/XDR, allowlisting, monitoring task scheduling, and cloud traffic inspection.