Researchers at Cisco Talos discovered a long-running espionage campaign, active since 2022, that targets the telecommunications and manufacturing sectors in Central and South Asia using a new PlugX variant linked to Chinese-speaking APT groups. The campaign highlights potential overlaps between Naikon and BackdoorDiplomacy, suggesting they may be the same threat actor or share resources. #Naikon #BackdoorDiplomacy
Key points
- The campaign has been active since 2022, focusing on sectors in South and Central Asia.
- A new PlugX variant used in the campaign shares features with RainyDay and Turian backdoors.
- Technical analysis links the PlugX variant to the Chinese-speaking espionage group Naikon.
- Evidence suggests Naikon and BackdoorDiplomacy may be the same threat actor or share tools.
- The targeted sectors include telecommunications and manufacturing industries.
Read More: https://securityonline.info/cisco-uncovers-new-plugx-backdoor-linked-to-chinese-apts/