News

WeLiveSecurity4y
Gelsemium: When threat actors go gardening - WeLiveSecurity
Gelsemium components Gelsemium’s whole chain might appear simple at first sight, but the exhaustive configurations, implanted at each stage, modify on-the-fly settings for the final payload ...
WeLiveSecurity8mon
Unveiling WolfsBane: Gelsemium’s Linux counterpart to Gelsevirine
ESET researchers analyzed previously unknown Linux backdoors that are connected to known Windows malware used by the China-aligned Gelsemium group, as well as to Project Wood.
The Hacker News8mon
Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
The China-aligned advanced persistent threat (APT) actor known as Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane as part of cyber attacks likely targeting East and Southeast ...
TechRadar8mon
Linux devices hit with even more new malware, this time from Chinese ...
The group, in this instance, is called Gelsemium, suggesting that it has at least one herbalist in its ranks. Itis a relatively known Chinese group, active since at least 2014.
The Hacker News4y
NoxPlayer Supply-Chain Attack is Likely the Work of Gelsemium Hackers
According to ESET, Gelsemium's first stage is a C++ dropper named "Gelsemine," which deploys a loader "Gelsenicine" onto the target system, which, in turn, retrieves and executes the main malware " ...