Chinese Hacker Group Stealing Information From Korean Companies Posted By AhnLab_en , May 15, 2023 Recently, there have been frequent cases of attacks targeting vulnerable servers that are accessible externally, such as SQL servers or IIS web servers. The team has confirmed two affected companies in this case. One being a company for semiconductors, and the other being a smart manufacturing company which utilizes artificial intelligence. It is assumed that the threat group that carried out the hacking attack is a Chinese hacker group like Xiaoqiying and Dalbit, as a Chinese text file containing instructions…
Dalbit (m00nlight): Chinese Hacker Group’s APT Attack Campaign Posted By kingkimgim , February 13, 2023 0. Overview This report is a continuation of the “Attackers Using FRP (Fast Reverse Proxy) to Attack Korean Companies” post that was uploaded on August 16, 2022 and follows the group’s activities since that post. This group has always relied on open-source tools and lacked any distinct characteristics to profile them due to the lack of PDB information. Additionally, the amount of information that could be collected was limited unless the affected Korean companies specifically asked for an investigation since…
