
Researchers have uncovered a new cyberespionage campaign targeting the telecommunications industry and government organizations across Kazakhstan, Uzbekistan, Pakistan, and Vietnam. The campaign, named Stayin Alive, has been active since 2021 and is possibly the work of a Chinese threat actor called ToddyCat.

Infection process

  • The campaign employs spear-phishing emails and DLL side-loading to deliver archive files to the victims’ systems. 
  • Additionally, it exploits a previously known vulnerability (CVE-2022-23748) in Audinate’s Dante Discovery Software by hijacking dal_keepaliver.dll.
  • After successful exploitation, the attackers deploy a variety of downloaders and loaders, which serve as channels for the further execution of additional malicious payloads. 
  • During the initial discovery of the campaign, a malware downloader called CurKeep was used as part of the infection process.
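
One way to hunt for the dal_keepaliver.dll side-loading described above, as an added example that is not part of the original article: the sketch filters module-load events for that DLL and flags loads from outside admin-only install directories or without a valid signature. Field names follow Sysmon Event ID 7 (ImageLoad); the hosts, paths and the trusted-root list are constructed assumptions.

```python
import ntpath

TARGET_DLL = "dal_keepaliver.dll"  # DLL the article names as hijacked
# Assumption: admin-only install roots; adjust to your environment.
TRUSTED_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\")

def side_load_findings(events):
    """Flag loads of TARGET_DLL from untrusted paths or without a valid signature."""
    findings = []
    for ev in events:
        # Normalise first so "..\" tricks and mixed case cannot dodge the checks.
        dll = ntpath.normpath(ev.get("ImageLoaded", "")).lower()
        if ntpath.basename(dll) != TARGET_DLL:
            continue
        reasons = []
        if not dll.startswith(TRUSTED_ROOTS):
            reasons.append("untrusted path")
        if ev.get("Signed", "").lower() != "true" or ev.get("SignatureStatus") != "Valid":
            reasons.append("no valid signature")
        if reasons:
            findings.append((ev.get("Computer"), ev.get("Image"), reasons))
    return findings

# Constructed sample events (not taken from any real incident).
SAMPLE_EVENTS = [
    {"Computer": "ws-01", "Image": r"C:\Program Files\ExampleVendor\app.exe",
     "ImageLoaded": r"C:\Program Files\ExampleVendor\dal_keepaliver.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"Computer": "ws-02", "Image": r"C:\Users\Public\Documents\app.exe",
     "ImageLoaded": r"C:\Users\Public\Documents\dal_keepaliver.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"Computer": "ws-03", "Image": r"C:\ProgramData\upd\app.exe",
     "ImageLoaded": r"C:\Program Files\..\ProgramData\upd\DAL_KeepAliver.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"Computer": "ws-04", "Image": r"C:\Users\Public\app.exe",
     "ImageLoaded": r"C:\Users\Public\other.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
]

if __name__ == "__main__":
    for host, image, reasons in side_load_findings(SAMPLE_EVENTS):
        print(f"{host}: {image} -> {', '.join(reasons)}")
```

A path-only hit such as ws-03 still deserves triage: a validly signed DLL outside its install directory does not rule out side-loading.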

A trend of similar espionage campaigns

While the campaign remains active, it is interesting to note that similar attacks by Chinese threat actors have been observed in the recent past.

  • A report published by Symantec researchers highlighted that the China-linked Emissary Panda (aka Budworm) hacking group used a new version of SysUpdate malware to spy on a Middle Eastern telecom organization and an Asian government.  
  • In a separate incident, SentinelOne shared details of a well-orchestrated Chinese cyber espionage operation that targeted the telecom industry, finance, and government in the Middle East region. The attack was believed to have been launched by the BackdoorDiplomacy (aka APT15) group.

Conclusion

As the current espionage campaign is primarily executed via spear-phishing emails, it is recommended to refrain from opening or acting on unsolicited emails and messages. Organizations must implement robust email security gateways to keep unwanted email messages from reaching recipients. Finally, it is advised to update systems and software to their latest versions.
