Beginning in February of 2017 a group of Vietnamese APT actors carried out a large campaign leveraging watering-hole attacks. The campaign is intended to conduct surveillance on entities within Southeast Asia and China. As part of the watering-hole attacks, the group leveraged a JavaScript reconnaissance framework to collect information on their targets. This report looks at the malicious JavaScript framework leveraged by the attackers, provides information on attribution, and looks at the infrastructure behind the campaign...READ MORE
Wapack Labs has cataloged and reported on APT activity and watering-hole attacks in the past. An archive of related reporting can be found in the Red Sky Alliance portal.