LongNosedGoblin Unleashes Cyber Espionage Chaos: Southeast Asia and Japan Under Attack!
LongNosedGoblin, a China-aligned threat cluster, is on the cyber espionage prowl in Southeast Asia and Japan. Leaning on Group Policy, the group uses malware like NosyDoor to turn Microsoft OneDrive into a sneaky command center. ESET reports that new variants are popping up like unwanted ads and are possibly shared among multiple cyber baddies.

Hot Take:
Just when you thought goblins were confined to fantasy novels, here comes LongNosedGoblin, a cyber threat actor that’s got Southeast Asian and Japanese governments wishing they had a wizard on speed dial. With a bag of tricks that would make any magician jealous, these cyber goblins are using Group Policy magic to exfiltrate data faster than you can say ‘NosyHistorian’. Someone call Gandalf; it’s goblin-hunting season!

Key Points:
– LongNosedGoblin is a newly identified China-aligned cyber threat.
– Targets include governmental entities in Southeast Asia and Japan.
– The group uses cloud services like OneDrive and Google Drive for command and control.
– A suite of custom tools, including NosyHistorian and NosyDoor, is employed for data exfiltration.
– Malware might be shared among multiple threat groups, suggesting a potential cyber crime franchise model.
