Just when you thought Bamboo only shoots its own species, along comes EvilBamboo, causing havoc in the cyber world. Tibetan, Uyghur, and Taiwanese individuals and organizations are the new “Panda Express” menu for this cyber threat, finding themselves increasingly targeted. The malicious actor is set on a persistent campaign to gather sensitive information from these communities, displaying about as much subtlety as a gamer at a LAN party.
“A city of fools is wiser in the eyes of an imposter” – Not Confucius, probably EvilBamboo. Slicker than your average villain, this attacker has meticulously crafted replica Tibetan websites. They’ve even gone through the oh-so modern effort of creating false social media profiles. Such contrivances are likely used to deploy browser-based exploits against unsuspecting users, showing that this evil bamboo shoots more than just keyboards and mouse clicks.
In the game of shadows, Volexity security researchers, Callum Roxan and Paul, are constantly tracking down the evil that lurks online like a pair of software enabled, keyboard-wielding Batman & Robin. They reported that our faux-forest friend likes using browser-based exploits to ensure he gets his daily dose of sensitive data. It seems the “cookies” EvilBamboo is after are not the edible kind, but rather those of the digital variety!
Every plot needs a villain, and in this real-life cyber tale, it’s EvilBamboo. This threat actor is fixated on infiltrating and gathering sensitive information from Tibetan, Uyghur, and Taiwanese individuals and organisations. Showcasing a mastery of digital deception, EvilBamboo employs carefully crafted fake Tibetan websites and social media profiles to deploy browser-based exploits. In the world of digital surveillance, our trusty Volexity security researchers keep shining a light on EvilBamboo’s shenanigans. Don’t be bamboozled, folks, protect your digital ‘bamboo’ forest!
Original Article: https://thehackernews.com/2023/09/from-watering-hole-to-spyware.html
No products in the cart.