Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services


China-linked cyber group Evasive Panda recently targeted a Taiwanese government and religious organization with a toolset called CloudScout, which hijacks web sessions to steal data from Google Drive, Gmail, and Outlook. Operating with the MgBot malware framework, CloudScout’s custom modules extract sensitive files and emails. Evasive Panda, active in espionage against Taiwan, Hong Kong, and the Tibetan diaspora, also leverages DNS poisoning and other methods for initial access. Canada simultaneously reported extensive reconnaissance by a China-backed actor targeting government and infrastructure sectors.

Read More


thumb-image

Solutions