Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea
Essential information
- Published
- 24/05/2024 08:21
- Modified
- 24/05/2024 08:29
- Tags
- .net 2024-05-23 2024-05-24 apt dustyexfiltool espionage malware sharpjshandler silentgh0st translucentgh0st unfading sea haze
- Related entities
- 47 observables, 1 intrusion sets (apt), 20 techniques (mitre), 3 malware
Description
An investigation by Bitdefender Labs uncovered a previously unidentified cyber threat actor called Unfading Sea Haze. This group has systematically targeted high-level organizations across countries in the South China Sea region. The extensive analysis spanned several years, revealing their evolving tactics, malware arsenal, and ongoing persistence. The primary objective appears to be espionage, with a focus on data exfiltration and surveillance of military and government entities. Unfading Sea Haze employs a sophisticated array of custom malware tools, including variants of the Gh0st RAT family and techniques like DLL sideloading. Their recent shift towards modular, fileless payloads showcases their adaptability in evading detection.