ESET Research
The I-SOON data leak confirms that this contractor is involved in cyberespionage for China, while Iran-aligned groups step up aggressive tactics following the Hamas-led attack on Israel in 2023
14 Jun 2024
•
,
2 min. read
In this episode of the ESET Research Podcast, we dissect the most interesting findings of the Q4 2023–Q1 2024 ESET APT Activity Report, uncovering the activity of multiple advanced persistent threat (APT) groups around the world.
Due to the I-SOON data leak, we have been able to identify FishMonger, a group notorious for cyberattacks against Hong Kong universities back in 2019, as I-SOON. This leak also sheds light on Operation ChattyGoblin, a series of attacks against Southeast Asian gambling companies happening since 2021.
Another China-aligned group, Mustang Panda, has been expanding its targeting beyond APAC to the US and Europe in the past two years. A notable example is a series of attacks on cargo shipping companies in Norway, Greece, and the Netherlands.
Iran-aligned groups have stepped up their activity against targets in Israel, focusing on loud attacks since the Hamas-led attack on Israel in 2023.
For all these topics and more from the ESET APT Activity Report, listen to the latest episode of the ESET Research podcast, hosted by Aryeh Goretsky.
For the full report, including other topics such as a psyop campaign against Ukraine, a watering-hole attack on a regional news website about Gilgit-Baltistan, and spearphishing campaigns conducted by North Korea-aligned groups against entities in South Korea, click here.
Follow ESET research on Twitter for regular updates on key trends and top threats.