"Chinese Hackers Leveraged Legacy F5 BIG-IP Appliance for Persistence"

Sygnia reports that a Chinese state-sponsored threat actor dubbed "Velvet Ant" used a legacy F5 BIG-IP appliance to access a victim organization's network for three years. The threat actor used multiple mechanisms to gain a foothold in the organization's network. The cybersecurity company notes that this threat actor had infiltrated the organization's network at least two years before the investigation, gaining a strong foothold and gathering intelligence about it. Velvet Ant has used different tools and techniques to compromise critical systems and access sensitive data. The threat actor applied dormant persistence mechanisms in unmonitored systems, including the PlugX Remote Access Trojan (RAT). This article continues to discuss Velvet Ant's use of a legacy F5 BIG-IP appliance for persistence.

SecurityWeek reports: "Chinese Hackers Leveraged Legacy F5 BIG-IP Appliance for Persistence"

Submitted by Gregory Rigby (grigby1)