RedDelta’s Mischief Marathon: A Cyber Comedy of Errors Across Asia!

RedDelta, active since 2012, has been targeting Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia with a customized PlugX backdoor. Their espionage efforts blend seamlessly with legitimate traffic, making detection as tricky as finding a needle in a haystack, if the needle was also a master of disguise.

Hot Take:

If RedDelta were a game of espionage, they’d have a high score in “Operation World Domination,” with bonus points for creativity in using Visual Studio Code tunnels to sneak into the high-security club! Forget James Bond; we’ve got RedDelta, the real international spy crew with a rolodex of aliases that would make any secret agent jealous.

Key Points:

  • RedDelta has been busy targeting countries like Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia with the PlugX backdoor.
  • The group uses creative lures such as documents themed around the 2024 Taiwanese presidential race and flood protection in Mongolia.
  • They’ve hacked into the Mongolian Ministry of Defense and the Communist Party of Vietnam.
  • RedDelta employs sophisticated techniques like DLL side-loading and CDN traffic blending to avoid detection.
  • This activity aligns with China’s strategic focus on Southeast Asia, Mongolia, and Europe.
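The DLL side-loading mentioned above has a recognisable shape in endpoint telemetry: a DLL carrying the name of a Windows system library is loaded from somewhere other than the Windows directories, usually from the same folder as the (often legitimately signed) executable that imports it. The following detection heuristic is an added example written for this post, not code from the original article or from the report it summarises. It assumes a simplified image-load event (process path, DLL path, signature status), an illustrative subset of System32 DLL names, and a constructed list of sample events; real Sysmon or EDR image-load logs would need a small adapter.

```python
"""Heuristic detector for DLL side-loading image-load events (added example).

Assumed event shape: (process_path, dll_path, dll_signed). The event list and
the DLL-name set below are constructed for illustration; a real deployment
would enumerate the Windows directories to build the name set.
"""
from dataclasses import dataclass
from pathlib import PureWindowsPath
from typing import Iterable, List, Optional

# Directories where the legitimate copies of system DLLs live (lower-cased).
SYSTEM_DIRS = {"c:\\windows\\system32", "c:\\windows\\syswow64", "c:\\windows"}

# Illustrative subset of DLL names that ship in System32. A file with one of
# these names sitting outside SYSTEM_DIRS is what this heuristic looks for.
SYSTEM_DLL_NAMES = {"version.dll", "dbghelp.dll", "wininet.dll", "cryptsp.dll"}


@dataclass(frozen=True)
class ImageLoad:
    process_path: str   # executable that performed the load
    dll_path: str       # full path of the DLL that was mapped
    dll_signed: bool    # whether the DLL carried a valid Authenticode signature


@dataclass(frozen=True)
class Finding:
    process_path: str
    dll_path: str
    reason: str


def _norm_dir(path: str) -> str:
    """Lower-cased parent directory of a Windows path."""
    return str(PureWindowsPath(path).parent).lower()


def classify(ev: ImageLoad) -> Optional[Finding]:
    """Return a Finding if the event matches the side-loading pattern, else None."""
    name = PureWindowsPath(ev.dll_path).name.lower()
    if name not in SYSTEM_DLL_NAMES:
        return None  # not impersonating a system DLL name; out of scope here
    dll_dir = _norm_dir(ev.dll_path)
    if dll_dir in SYSTEM_DIRS:
        return None  # the genuine copy, loaded from where it belongs
    reason = "system DLL name loaded from outside the Windows directories"
    if dll_dir == _norm_dir(ev.process_path):
        # Loader search order resolved the name from the EXE's own folder,
        # which is the classic side-loading placement.
        reason += "; resolved from the executable's own directory"
    if not ev.dll_signed:
        reason += "; DLL is unsigned"
    return Finding(ev.process_path, ev.dll_path, reason)


def scan(events: Iterable[ImageLoad]) -> List[Finding]:
    """Run the heuristic over a stream of image-load events."""
    findings = []
    for ev in events:
        f = classify(ev)
        if f is not None:
            findings.append(f)
    return findings


# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    # 1. Benign: a system process loading the real version.dll.
    ImageLoad(r"C:\Windows\System32\svchost.exe",
              r"C:\Windows\System32\version.dll", True),
    # 2. Side-load shape: signed-looking EXE dropped next to a rogue version.dll.
    ImageLoad(r"C:\Users\Public\Update\updater.exe",
              r"C:\Users\Public\Update\version.dll", False),
    # 3. Benign: an application loading its own, differently named helper DLL.
    ImageLoad(r"C:\Program Files\SomeApp\app.exe",
              r"C:\Program Files\SomeApp\app_helper.dll", False),
    # 4. Worth a look: signed copy of a system DLL loaded from a temp folder.
    ImageLoad(r"C:\Program Files\SomeApp\app.exe",
              r"C:\Users\Public\Temp\dbghelp.dll", True),
]

if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(f"{f.process_path} -> {f.dll_path}: {f.reason}")
```

The heuristic deliberately ignores the signature of the loading executable: in side-loading the executable is usually a genuine signed binary, so trusting it would hide exactly the case that matters. Tuning for production means building `SYSTEM_DLL_NAMES` from the real system directories and adding an allowlist for installers that legitimately ship redistributable runtime DLLs.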
