Report Sees Chinese Threat Actors Embracing Sandman APT

siteadmin December 11, 2023

Chinese cybercriminals are now using an advanced persistent threat (APT) called Sandman that was first used by Western intelligence agencies, according to SentinelLabs, Microsoft and PwC. Sandman uses KEYPLUG backdoor malware to insert malware known as LuaDream, making it hard to detect. The agencies linked the Sandman APT with a group known as STORM-0866/Red Dev 40, which is aligned with China’s interests.