The Unseen Thread Linking Sandman APT and KEYPLUG Backdoor

Threat Level – Red | Vulnerability Report

The Sandman Advanced Persistent Threat (APT) is closely linked to suspected threat clusters originating from China, specifically Storm-0866, also known as Red Dev 40. Sandman's Lua-based malware, LuaDream, and the KEYPLUG backdoor have been observed coexisting in the same victim environments.

Threat Level – Red | Attack Report
