New Chinese APT Targets IT Service Providers and Telcos With Signed Malware
released on 2022-10-13 @ 06:28:48 PM
SentinelLabs has been monitoring a threat cluster we track as WIP19, a group characterized by the usage of a legitimate, stolen digital certificate issued by a company called “DEEPSoft”. Based on our investigations, WIP19 has been targeting telecommunications and IT service providers in the Middle East and Asia.