Скачать или смотреть Chinese APT Unveils NET-STAR Malware Suite for Database Espionage

…
Phantom Taurus is a newly identified Chinese state-aligned APT group uncovered after over two years of monitoring by Unit 42.

The group primarily conducts espionage, targeting ministries of foreign affairs, embassies, and telecommunications companies across Africa, the Middle East, and Asia. Their operations closely align with Chinese geopolitical interests. Unlike other Chinese APTs, Phantom Taurus uses unique tactics and custom tools, including the recently discovered NET-STAR malware suite.

NET-STAR is a modular, .NET-based toolkit designed to compromise IIS web servers. It features fileless execution, encrypted command-and-control communication, and advanced evasion techniques such as AMSI and ETW bypasses. The suite includes IIServerCore, a memory-resident backdoor, and two versions of AssemblyExecuter loaders capable of stealthy in-memory execution of .NET payloads.

Researchers also observed a tactical shift from targeting email servers to directly exfiltrating databases using custom scripts, highlighting the group’s adaptability.


RECOMMENDATIONS:

1. Regularly check your email and online account login history. If you notice logins from unfamiliar locations or times, change your password right away and turn on multi-factor authentication.

2. Use long, unique passwords for each account. Think about a reputable password manager to securely store and generate strong credentials instead of reusing the same password.

…

Visit our blog for more daily Intel ➜ https://cyderes.com/blog

See our newsletter for deeper monthly insights ➜ https://cyderes.com/newsletter

Catch our podcast for brief cyber updates ➜    / @beeverydayready  

Follow our story ➜   / cyderes  

…

#beeverydayready #cybersecurity #cyderes