"Large East Asian Companies Attacked With SparkRAT Open-Source Tool"

According to SentinelLabs researchers, large companies in East Asia are being attacked with an open-source tool called SparkRAT. They have been observing a hacker group known as "DragonSpark" since October 2022 because of its repeated attacks on large companies and its ability to continue evolving. Since many of the victim companies have a big customer base, it is suspected that the threat actors are targeting consumer data for illegal or other objectives. According to the researchers, the DragonSpark attack cluster is opportunistic in nature. Their analysis confirms that threat actors continue to evolve using open-source tools that enable better evasion and obfuscation. Hackers have adopted SparkRAT because it is a readily available, feature-rich, and cross-platform tool. Researchers discovered that a Chinese-speaking actor is most likely behind the DragonSpark attacks, and the hackers are staging SparkRAT along with other tools and malware using infiltrated infrastructure in China and Taiwan. This article continues to discuss the DragonSpark hacking group using an open-source tool named SparkRAT to attack large companies in East Asia.  

The Record reports "Large East Asian Companies Attacked With SparkRAT Open-Source Tool"