Wednesday, October 27, 2021

ShadowPad | A Masterpiece of Privately Sold Malware in Chinese Espionage

By Yi-Jhen Hsieh & Joey Chen

Executive Summary

ShadowPad is a privately sold modular malware platform, rather than an open attack framework, with plugins sold separately.

ShadowPad is still regularly updated with more advanced anti-detection and persistence techniques.

It’s used by at least four clusters of espionage activity. ShadowPad was the primary backdoor for espionage operations in multiple campaigns, including the CCleaner, NetSarang, and ASUS supply-chain attacks.

The adoption of S…
