BotNet News

Your source for Online Security News

Cyberthreat News is a weekly rundown of small changes in attackers’ tactics that add up to significant risk for businesses and citizens. From reshaped tools to shifting infrastructures, this week’s news shows that sophisticated threat actors continue to evolve their attack arsenals to stay ahead of security.

A newly documented campaign leveraging cracked software distribution sites as a delivery vector has reshaped an existing stealthy loader to support multiple payloads for access, evasion, and delivery, Cyderes Howler Cell Threat Intelligence says. The new variant of CountLoader supports Cobalt Strike, Amatera Stealer, AdaptixC2, PureHVNC RAT, and more.

A China-aligned threat cluster dubbed LongNosedGoblin has been linked to a wave of attacks targeting government entities in Southeast Asia and Japan with the end goal of cyber espionage, cybersecurity company ESET says. The cluster uses Group Policy to deploy malware and cloud services as command-and-control (C&C) servers, researchers say.