HiatusRAT Malware Resurfaces: Taiwan Firms and U.S. Military Under Attack

[silversurfer]

Content source

https://thehackernews.com/2023/08/hiatusrat-malware-resurfaces-taiwan.html

The threat actors behind the HiatusRAT malware have returned from their hiatus with a new wave of reconnaissance and targeting activity aimed at Taiwan-based organizations and a U.S. military procurement system.

Besides recompiling malware samples for different architectures, the artifacts are said to have been hosted on new virtual private servers (VPSs), Lumen Black Lotus Labs said in a report published last week.

The cybersecurity firm described the activity cluster as "brazen" and "one of the most audacious," indicating no signs of slowing down. The identity and the origin of the threat actors are presently unknown.

Targets included commercial firms, such as semiconductor and chemical manufacturers, and at least one municipal government organization in Taiwan as well as a U.S. Department of Defense (DoD) server associated with submitting and retrieving proposals for defense contracts.

 

[[correlate]]

In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in what researchers described as a reconnaissance attack.
This is a significant shift in tactics, seeing that the attacks previously focused on organizations from Latin America and Europe, being deployed to compromise business-class DrayTek Vigor VPN routers used by medium-sized businesses for remotely connecting to corporate networks.

New HiatusRAT malware attacks target US Defense Department

In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in what researchers described as a reconnaissance attack.

www.bleepingcomputer.com