Mandiant, a Google subsidiary, disrupted an APT campaign by China's Ministry of State Security targeting telecommunications and satellite operators worldwide. The campaign used malware called GRIDTIDE, which employed Google Sheets for command-and-control communications. Mandiant identified suspicious activities in Google Cloud logs, leading to the discovery of malicious infrastructure. The attackers compromised network devices using stolen credentials and deployed a Python-based backdoor named "Gh0stRat." They also established SOCKS proxies on infected systems to exfiltrate data from victim networks.
Read the full article at Threat Intelligence