VMTech

UAT-8302: Chinese APT using common malware families against government targets in Latin America & Europe

Colleagues: threat activity attributed to UAT-8302 and linked to China has been observed.

Summary:
- Cisco Talos links UAT-8302 to attacks on government agencies in South America (since late 2024) and Southeastern Europe (2025).
- The group employs common tooling — NetDraft/NosyDoor, CloudSorcerer, SNOWLIGHT/SNOWRUST, Deed RAT, etc. — plus proxies/VPNs for sustained access.
- Likely techniques include exploitation of 0‑day/N‑day web vulnerabilities, reconnaissance, automated scanning, and lateral movement.

Why it matters: shared tooling accelerates attacks and increases risk to critical systems.

What steps do you consider priority to protect government and CII?

#cybersecurity #APT #threatintelligence
