Dark Reading
Security researchers have linked the recently discovered Sidewalk malware to Grayfly, an espionage group connected to China. The backdoor has been used in recent Grayfly attacks targeting organizations in Taiwan, Vietnam, the United States, and Mexico.
The Sidewalk malware was recently documented by ESET researchers, who attributed it to a group they call SparklingGoblin. Symantec’s Threat Hunter Team has now connected the malware to Grayfly, also known as GREF and Wicked Panda, a Chinese espionage group that had several members indicted in the US last year. While it’s sometimes labeled APT41, Symantec considers Grayfly the espionage branch of APT41.
“The recent campaign involving Sidewalk suggests that Grayfly has been undeterred by the publicity surrounding the indictments,” researchers wrote in a blog post on their findings.
Grayfly has been seen targeting several countries in Asia, Europe, and North America, affecting organizations in a range of industries, including food, financial, healthcare, hospitality,
The post Sidewalk Malware Tied to China-Linked Espionage Group first appeared on Dark Reading.