Budworm Hackers Resurface with New Espionage Attacks on U.S. Organizations


An advanced persistent threat (APT) actor known as Budworm targeted a U.S.-based entity for the first time in more than six years, according to the latest research.

The attack was aimed at an unnamed U.S. state legislature, the Symantec Threat Hunter team, part of Broadcom Software, said in a report shared with The Hacker News.

Other “strategically significant” intrusions mounted over the past six months were directed against a government of a Middle Eastern country, a multinational electronics manufacturer, and a hospital in South East Asia.

Budworm, also called APT27, Bronze Union, Emissary Panda, Lucky Mouse, and Red Phoenix, is a threat actor that’s believed to operate on behalf of China through attacks that leverage a mix of custom and openly available tools to exfiltrate information of interest.

“Bronze Union maintains a high degree of operational flexibility in order to adapt to the environments it operates in,” Secureworks notes in a profile of the nation-state group, pointing out its ability to “maintain access to sensitive systems over a long period of time.”

A prominent backdoor attributed to the adversarial collective is HyperBro, which has been put to use since at least 2013 and is in continuous development. Its other tools include PlugX, SysUpdate, and the China Chopper web shell.

The latest set of attacks is no different, with the threat actor leveraging Log4Shell flaws to compromise servers and install web shells, ultimately paving the way for the deployment of HyperBro, PlugX, Cobalt Strike, and credential dumping software.

The development marks the second time Budworm has been linked to an attack on a U.S. entity. Earlier this month, the U.S. government revealed that multiple nation-state hacking groups breached a defense sector organization using ProxyLogon flaws in Microsoft Exchange Server to drop China Chopper and HyperBro.

“In more recent years, the group’s activity appears to have been largely focused on Asia, the Middle East, and Europe,” the researchers said. “A resumption of attacks against U.S.-based targets could signal a change in focus for the group.”

https://thehackernews.com/2022/10/budworm-hackers-resurface-with-new.html
