image credit: pixabay
A Chinese advanced persistent threat (APT) known as Gallium has been observed using a previously undocumented remote access trojan in its espionage attacks targeting companies operating in Southeast Asia, Europe, and Africa.
Called PingPull, the “difficult-to-detect” backdoor is notable for its use of the Internet Control Message Protocol (ICMP) for command-and-control (C2) communications, according to new research published by Palo Alto Networks Unit 42 today.
Comments are closed.
