Suspected Cyber Espionage Campaign Targeting Global Organizations
Essential information
- Published
- 17/07/2024 12:45
- Modified
- 17/07/2024 12:59
- Tags
- 2024-07-17 backdoors cve-2024-3400 cyberespionage exploitation intergovernmental opensource pantegana sparkrat
- Related entities
- 1 vulnerabilities (cve), 25 observables, 1 intrusion sets (apt), 6 techniques (mitre), 2 malware, 1 others
Description
An analysis identified a suspected cyber espionage campaign by TAG-100, a threat group exploiting internet-facing devices and utilizing open-source tools like the Go backdoor Pantegana. The campaign compromised two Asia-Pacific intergovernmental organizations and targeted multiple diplomatic, trade, and private sector entities globally across at least ten countries spanning Africa, Asia, North America, South America, and Oceania. The group employed open-source remote access capabilities and exploited various internet-facing products to gain initial access.