Return of HiatusRAT Malware: Hitting Taiwan Businesses and U.S. Military
Hey, MCk’s! Today we are going to talk about the HiatusRAT malware, which is hitting Taiwan businesses and the U.S. military. Without any delay, let’s delve into the topic. Guess who’s back? Yep, the creators of HiatusRAT malware are making a comeback, and they’re not messing around. This time, they’ve set their sights on Taiwan-based companies and even the U.S. military procurement system.
These cyber tricksters have come out of hiding with a fresh batch of sneak attacks, all aimed at causing havoc. They’ve recompiled their malware to fit different computer types and moved their sneaky software to new hideouts called virtual private servers (VPSs). The folks over at Lumen Black Lotus Labs sounded the alarm on this, calling it a “bold move” that shows no sign of slowing down. Who these hackers are and where they’re from is still a big mystery. Their targets? Well, they’ve got quite the shopping list. They’re going after businesses in Taiwan, like those making computer chips and chemicals. But here’s the kicker: they’re also messing with the part of the U.S. military that handles procurement. Yeah, you heard that right.
Remember, earlier this year, the HiatusRAT malware was caught snooping around. Back then, it was cozying up to business routers and spying on folks in Latin America and Europe. Sneaky, right? They’d taken over more than 100 of these routers to create a covert command-and-control network. Fast forward to this summer, and these cyber troublemakers are at it again. This time, they’ve got versions of their HiatusRAT malware that can work on different types of computers: the Arm kind, the Intel kind, and others you probably haven’t heard of. They’re like those chameleons that change colors to fit in.
Turns out, most of their sneaky traffic is coming from Taiwan, like over 91% of it. And get this: they seem to have a soft spot for edge devices made by Ruckus. Weird, right? Their whole setup is like a spy movie plot. They’ve got special servers for doing the dirty work and other servers bossing those around. And guess what? They used two different IP addresses, 207.246.80[.]240 and 45.63.70[.]57, to hack into a part of the U.S. military on June 13th. During that time, about 11 MB of bidirectional data was transferred.
Now, why are they doing all this? Nobody really knows for sure. Some experts think they’re on the hunt for info about military contracts, you know, like what the military plans to buy in the future. This isn’t the first time we’ve seen hackers going after routers. Lately, it’s been a bit of a trend, with some folks tied to China trying to exploit security gaps in certain devices. They’re not just doing a quick hit; they’re sticking around for the long haul.
And get this, even though their secrets have been spilled before, these sneaky hackers didn’t even break a sweat. They just swapped out their servers and carried on like nothing happened. Talk about nerve, huh?