WIP19 targets IT service providers and telcos with custom malware

Threat Level – Red | Vulnerability Report
Download PDF

WIP19, a Chinese APT group is using legitimate and stolen certificates to sign malware, such as SQLMaggie, ScreenCap, and a credential dumper which it then used to target telecommunications and IT services organizations in Asia and the Middle East.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox