Modern warfare - Chinese APT SharpPanda malware variant has “radio silence” mode to evade detection

[crimsonaudio]

Crazy clever, this.

The new version analyzed by Check Point features a “radio silence” mode which allows the threat actors to specify the specific hours of the week that the backdoor should not communicate with the command and control server, likely to evade detection during the victim’s working hours.

"This is an advanced OpSec feature that allows the actors to blend their communication flow into general traffic and decrease the chances of network communication being detected." explained Check Point.

New malware variant has “radio silence” mode to evade detection

The Sharp Panda cyber-espionage hacking group was observed targeting high-profile government entities in Vietnam, Thailand, and Indonesia, using a new version of the 'Soul' malware framework.

www.bleepingcomputer.com

 

[Bamabuzzard]

This is like some Blacklist, Raymond Reddington episodes.