Google offers new details about China-linked hacking group
Posted October 18, 2020
- A report released Friday by Google's Threat Analysis Group (TAG) offers new information on the China-linked hacking group that targeted Joe Biden’s campaign offices with phishing emails earlier this year.
- Google TAG notes that APT31, also known as Zirconium, used GitHub to host malware and Dropbox as the command and control infrastructure to avoid detection and hide from security tools.
- The malware was a Python-based implant. Once installed, the report said, it would let the hackers upload and download files and execute arbitrary commands.
- The malicious code also connects to the command-and-control server hosted on Dropbox.