A Chinese threat actor who targeted an Asian software company used the same toolset for the ransomware attack that was found in multiple cyberespionage incidents, leaving Symantec analysts to believe ...
RA World ransomware used PlugX malware in Nov 2024, hinting at a lone hacker monetizing Chinese espionage tools.
Crucially, Symantec’s threat researchers observed the use of a custom version of the PlugX backdoor previously deployed by a ...