UnsolicitedBooker Strikes Again: China’s Sneaky Cyber Tactics Unveiled!
UnsolicitedBooker, a China-aligned threat actor, uses flight ticket decoys in spear-phishing emails to infiltrate targets like governmental organizations. ESET discovered their antics in Saudi Arabia, deploying MarsSnake backdoor, proving that cybercriminals have taken “booked solid” to a whole new level.
Hot Take:
In the glamorous world of cyber espionage, it seems that even hackers are booking fictional flights to exotic locales. But unlike us mere mortals, they’re not out to earn frequent flyer miles; they’re packing malware in their virtual luggage and targeting international organizations instead. Move over, James Bond, here comes UnsolicitedBooker with their lethal MarsSnake backdoor, making sure nobody misses their flight to data theft! Who needs travel agents when you can have phishing emails as your passport to espionage?
Key Points:
- UnsolicitedBooker uses spear-phishing emails with flight tickets as decoys.
- The MarsSnake backdoor is the new tool in their hacking arsenal.
- Targets include international organizations in Asia, Africa, and the Middle East.
- ESET discovered this activity spanning from 2023 to 2025.
- Other threat actors like DigitalRecyclers and PerplexedGoblin are also making the rounds.