China-based espionage group attacks high level targets

The China-based Thrip group was first exposed in 2018 and has carried out attacks across South East Asia, mainly targeting military organizations and satellite communications operators. New research from Symantec shows that since June 2018 Thrip has attacked 12 targets located in Hong Kong, Macau, Indonesia, Malaysia, the Philippines, and Vietnam. Analysis of the attacks shows close links to another long-established espionage group called Billbug making it likely the two are the same. Recent activity has been uncovered by Symantec following the discovery of a Thrip tool, a backdoor called Hannotog which appears to have been used since at least… [Continue Reading]