Today we are joined by Crystal Morin (www.linkedin.com/in/crystal-morin/), Cybersecurity Strategist from Sysdig (www.linkedin.com/company/sysdig/), who is sharing their work on "UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell." UNC5174, a Chinese state-sponsored threat actor, has resurfaced with a stealthy cyber campaign using a new arsenal of customized and open-source tools, including a variant of their SNOWLIGHT malware and the VShell RAT.
Sysdig researchers discovered that the group targets Linux systems through malicious bash scripts, domain squatting, and in-memory payloads, indicating a high level of sophistication and espionage intent. Their evolving tactics, such as using spoofed domains and fileless malware, continue to blur attribution and pose a significant threat to research institutions, critical infrastructure, and NGOs across the West and Asia-Pacific regions.
The research can be found here:
• UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell (sysdig.com/blog/unc5174-chinese-threat-actor-vshel…)