APT31, a China-linked cyber espionage group, has targeted Russian IT companies using cloud services and stealthy techniques from 2024 to 2025. Their operations involve sophisticated toolsets, social media command channels, and data exfiltration, posing serious threats to government, financial, and tech sectors.
Key points
- APT31 is a threat actor active since at least 2010, targeting diverse sectors globally.
- Between 2024 and 2025, APT31 targeted Russian IT contractors and solution providers.
- The group uses legitimate cloud platforms like Yandex Cloud and OneDrive for command and control.
- They employ a wide array of tools, including backdoors, VPNs, and social media channels for stealthy operations.
- Despite relying on old tools, APT31 continually updates its arsenal to evade detection and exfiltrate data securely.
Read More: https://thehackernews.com/2025/11/china-linked-apt31-launches-stealthy.html