Bitdefender has uncovered EggStreme, a sophisticated fileless malware framework used by a China-based APT group to target military and regional organizations in the Asia-Pacific. The campaign includes encrypted in-memory payloads, multi-stage backdoors, and traffic routing tools, indicating a high level of operational complexity.
Key points
- EggStreme is a fileless, multi-stage malware framework used by a China-based APT group.
- The malware targets military organizations in the Asia-Pacific region, especially the Philippines.
- It employs advanced techniques like encrypted in-memory payloads and DLL sideloading to evade detection.
- The framework includes a backdoor, EggStremeAgent, capable of reconnaissance, data theft, and file manipulation.
- Indicators for the active campaign and technical details are publicly available so that organizations can defend against the threat.
Read More: https://hackread.com/chinese-apt-philippine-military-eggstreme-fileless-malware/