Crimson Palace returns: new tools, tactics, and targets

Intel Name: Crimson Palace returns: new tools, tactics, and targets

Date of Scan: September 13, 2024

Impact: High

Summary:
Following a brief pause, Sophos X-Ops is back to monitoring what we confidently identify as a Chinese state-directed cyberespionage campaign against a key Southeast Asian government agency. During our investigation of this activity, known as Operation Crimson Palace, Sophos MDR uncovered evidence of further compromises affecting additional regional government organizations. We also detected similar malicious activity from these threat clusters targeting other local organizations, with attackers using compromised networks to deliver malware disguised as trusted access points.
