APT17 Targets Italian Entities with 9002 RAT
1. China-linked APT17 targets Italian companies and government entities using 9002 RAT variant.
2. TG Soft detected two attacks on June 24 and July 2, 2024, involving spear-phishing lures.
3. APT17 campaigns used Office documents and links to fake Italian government domains.
4. 9002 RAT deployed via Java archive, triggered by Visual Basic Script from MSI installer.
5. 9002 RAT features network monitoring, file enumeration, and diskless modular updates.
#cybersecurity #apt17 #chinalinked #9002rat #italianentities #spearphishing #cyberespionage #tgsoft #microsoft #officedocumentattack #governmentdomainspoofing #skypeforbusiness #visualbasicscript #javaarchive #modulartrojan #networkmonitoring #cyberthreats #infosec #threatintelligence #cyberdefense #aptgroup #malwareanalysis #ratmalware #cyberattacks #technews #securityupdates #espionageoperations #malwarevariants #threatactors #networkdiscovery #cyberawareness
1. China-linked APT17 targets Italian companies and government entities using 9002 RAT variant.
2. TG Soft detected two attacks on June 24 and July 2, 2024, involving spear-phishing lures.
3. APT17 campaigns used Office documents and links to fake Italian government domains.
4. 9002 RAT deployed via Java archive, triggered by Visual Basic Script from MSI installer.
5. 9002 RAT features network monitoring, file enumeration, and diskless modular updates.
#cybersecurity #apt17 #chinalinked #9002rat #italianentities #spearphishing #cyberespionage #tgsoft #microsoft #officedocumentattack #governmentdomainspoofing #skypeforbusiness #visualbasicscript #javaarchive #modulartrojan #networkmonitoring #cyberthreats #infosec #threatintelligence #cyberdefense #aptgroup #malwareanalysis #ratmalware #cyberattacks #technews #securityupdates #espionageoperations #malwarevariants #threatactors #networkdiscovery #cyberawareness