Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor
Tags
country: Sri Lanka
attack-pattern: Domains - T1583.001 Domains - T1584.001 Dynamic Dns - T1311 Dynamic Dns - T1333 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Network Devices - T1584.008 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID 2de92e5b-6291-4c13-a8da-47e7acd3d6f5
Fingerprint 83082df70bdfe7b1
Analysis status DONE
Considered CTI value 1
Text language
Published March 30, 2023, 9:28 p.m.
Added to db March 30, 2023, 6:30 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor
Title Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor
Detected Hints/Tags/Attributes 51/2/1
Source URLs
Redirection Url
Details Source https://thehackernews.com/2023/03/chinese-redgolf-group-targeting-windows.html
URL Provider
Details Provider Source level domain
Details thehackernews.com thehackernews.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 118 The Hacker News https://feeds.feedburner.com/TheHackersNews 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Threat Actor Identifier - APT 522 
APT41