A new cyber espionage campaign called PassiveNeuron has targeted government, financial, and industrial organizations across Asia, Africa, and Latin America, using sophisticated malware tools like Neursite and NeuralExecutor. The campaign demonstrates advanced lateral movement techniques and the use of compromised servers to evade detection, with ongoing activities observed from December 2024 to August 2025. #PassiveNeuron #Neursite #NeuralExecutor #CobaltStrike #EastAsia #LatinAmerica
Keypoints
- The PassiveNeuron campaign targets organizations in Asia, Africa, and Latin America.
- Attackers use advanced malware families Neursite and NeuralExecutor for cyber espionage activities.
- The threat group leverages compromised servers and virtual networks for lateral movement and data exfiltration.
- Initial intrusions may involve brute-force, SQL injection, or server vulnerabilities to gain remote access.
- The campaign primarily targets internet-exposed servers, which serve as strategic entry points into organizations.
Read More: https://thehackernews.com/2025/10/researchers-identify-passiveneuron-apt.html