CoralRaider Targeting Social Media Accounts Across Asia for Financial Gain

Summary:

A new Vietnamese threat actor group, CoralRaider, has been targeting victims in several Asian countries since at least 2023. Their attacks focus on stealing credentials, financial data and social media accounts, including those used for business and advertising. Their campaign leverages malicious Windows shortcut files (LNKs) to deliver payloads such as RotBot (a custom variant of QuasarRAT) and XClient stealer.

Threat Level – Red | Actor Report

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.