Chinese state-backed spies infiltrated Dutch defense networks last year using malware called "Coathanger." The initial intrusion exploited a zero-day vulnerability, after which the threat actors deployed Coathanger, a remote access Trojan (RAT). The RAT hides itself by hooking system calls and survives reboots and firmware upgrades. The intrusion had limited impact because the victim network was segmented from wider networks. The attack highlights the trend of threat actors targeting edge devices connected to the public internet. Organizations can mitigate these threats by regularly performing risk analysis on devices, limiting internet access, analyzing logs for anomalous activity, and installing security updates. #ChineseSpies #CoathangerMalware #ZeroDayVulnerability #RemoteAccessTrojan #EdgeDeviceThreats #Cybersecurity
https://www.infosecurity-magazine.com/news/chinese-spies-hack-dutch-1/