Operation FishMedley targeting governments, NGOs, and think tanks
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
ESET researchers have uncovered a global espionage operation called Operation FishMedley, conducted by the FishMonger APT group, which is operated by the Chinese contractor I-SOON. The campaign targeted governments, NGOs, and think tanks across Asia, Europe, and the United States during 2022. The attackers used implants like ShadowPad, SodaMaster, and Spyder, which are common or exclusive to China-aligned threat actors. The operation involved sophisticated tactics including lateral movement, credential theft, and custom malware deployment. Seven victims were identified across various countries and sectors. The analysis provides technical details on the malware used, initial access methods, and command and control infrastructure.
OPENCTI LABELS :
china,apt,espionage,shadowpad,government,ngo,spyder,sodamaster,think tank,i-soon,rpipecommander
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Operation FishMedley targeting governments, NGOs, and think tanks