216.73.217.176

CrazyHunter Campaign Targets Taiwanese Critical Sectors

· Published 16/04/2025 14:00 · Modified 16/04/2025 14:21

Export JSON

Essential information

Published
16/04/2025 14:00
Modified
16/04/2025 14:21
Tags
2025-04-16 byovd critical sectors gpo exploitation open-source tools prince ransomware prince ransomware builder ransomware taiwan zammocide
Related entities
9 observables, 1 intrusion sets (apt), 11 techniques (mitre), 1 malware, 4 others

Description

The CrazyHunter group has emerged as a significant threat, specifically targeting Taiwanese organizations in healthcare, education, and industrial sectors. The group employs sophisticated techniques, including the Bring Your Own Vulnerable Driver () method, to bypass security measures. They have expanded their toolkit by integrating from GitHub, such as the and . Approximately 80% of CrazyHunter's toolkit consists of . The group's focus on 's raises concerns about potential disruptions to essential services. Their evolving tactics and use of readily available tools highlight the need for enhanced cybersecurity measures to counter this emerging threat.

External references