China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa

China-linked threat actor TA4922 has expanded its phishing campaign operations from initial targets to include organizations in the UK, Germany, Italy, and South Africa. The group demonstrates a rapid operational tempo and employs an evolving malware toolkit that includes ValleyRAT (Winos 4.0) and Atlas RAT (AtlasCross RAT) among other tools.

A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. These efforts have been complemented by a "rapid operational tempo" and a continually evolving malware arsenal comprising known families like ValleyRAT (aka Winos 4.0) and Atlas RAT (aka AtlasCross RAT), as well as previously

Originally published at thehackernews.com

#China-APT #Cybersecurity #Malware #Phishing #Threat Intelligence #Vulnerabilities

China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa

Talk to an architect about applying this to your stack.

More from the journal

ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months