A newly discovered cyber espionage campaign from a Chinese threat actor is targeting Asian and US organizations with self-replicating malware called MISTCLOAK.
New variants of the RAT reveal added functionalities and deployment alongside other malware families.
VMware researchers said the malware has appeared in at least 43 infections that have primarily targeted business services, financial services, manufacturing and education organizations.
Threat actors leveraged an emerging distributed file storage protocol in attacks deploying a Python-based information stealer called Hannabi Grabber.
The DoJ said that a 26-year-old Ukrainian national, Mark Sokolovky, had been arrested in March by Dutch authorities as an alleged operator of the Raccoon Stealer malware.