Threat actors have targeted a server owned by the US Department of Defense in a recent HiatusRAT malware campaign in what researchers are describing as a reconnaissance attack.
The assaults were previously targeted at enterprises in Europe and Latin America, and they were used to hack business-class DrayTek Vigor VPN routers used by medium-sized businesses to connect remotely to corporate networks. This represents a significant shift in strategy.
However, between mid-June and August, the campaign’s reconnaissance operations took an unexpected turn, as Lumen’s Black Lotus Labs noted. Additionally, a U.S. military procurement system was targeted, with firms situated in Taiwan also being singled out read more New HiatusRAT malware attacks target US Defense Department.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.