SecuriTricks - CVE-2018-0824

Attack reports

Likely compromise of Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike

Published: August 2, 2024

A government-affiliated Taiwanese research institute specializing in computing technologies experienced a cyber intrusion likely carried out by the Chinese hacking group APT41. The attackers employed ShadowPad malware, Cobalt Strike, and custom tools, exploiting vulnerabilities like CVE-2018-0824 f…

Downloadable IOCs 13

apt

cobalt strike

credential theft

cobaltstrike

shadowpad

data exfiltration

2024-08-02

poisonplug.shadow

CVE-2018-0824

unmarshalpwn

» Click here to see all Attack Reports «

Tag: CVE-2018-0824

Attack reports

Likely compromise of Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike