"China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT"
A Remote Access Trojan (RAT) called "Deuterbear" has been used by the China-linked "BlackTech" hacking group in a cyber espionage campaign targeting the Asia-Pacific region this year. Trend Micro researchers found that Deuterbear supports shellcode plugins, avoids handshakes for the RAT operation, and uses HTTPS for Command-and-Control (C2) communication. This article continues to discuss findings regarding BlackTech and its use of the Deuterbear RAT.
THN reports "China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT"
Submitted by grigby1
Submitted by Gregory Rigby