Lumen Black Lotus Labs recently announced that the threat actors behind HiatusRAT have resumed their targeting of Taiwanese organizations and a U.S. military procurement system.

Although the exact identity of the threat actor remains unknown, Black Lotus Labs described their revamped activity as “audacious.” Taiwanese targets included government organizations, semiconductor manufacturers, and chemical companies. The campaign also targeted a U.S. Department of Defense defense contracts server. Threat actors previously used HiatusRAT to conduct espionage on victims in Latin America and Europe in 2022. The 2023 campaign made minor changes to the previous command-and-control infrastructure to target perimeter assets and glean information regarding military contracts. China-affiliated threat actors have used similar espionage strategies to establish long-term persistence in previous target environments.

Read More:

https://thehackernews.com/2023/08/hiatusrat-malware-resurfaces-taiwan.html