Separating the bee from the panda: CeranaKeeper making a beeline for Thailand

· Published 03/10/2024 09:50 · Modified 03/10/2024 09:52

Essential information

Tags
2024-10-03, advanced persistent threat, custom malware, data exfiltration, multi-industry targeting, network infiltration, persistence techniques, social engineering
Related entities
16 observables, 14 techniques (mitre)

Description

This intelligence report details a sophisticated malware campaign targeting multiple industries across various countries. The threat actor employs advanced tactics, techniques, and procedures (TTPs) to infiltrate networks, maintain persistence, and exfiltrate sensitive data. The malware used in this campaign is highly modular and adaptable, allowing the attackers to customize their approach for each target. The report highlights the use of , exploits for known vulnerabilities, and custom-built tools to achieve their objectives. It also provides indicators of compromise (IoCs) and recommendations for detection and mitigation.

External references