FireEye identifies dual nature Chinese cyber threat group Threat group engaged in state-sponsored espionage in parallel with cyber criminal activities targeting multiple industries worldwide August 7, 2019 https://www.computerweekly.com/news...tifies-dual-nature-Chinese-cyber-threat-group FireEye: APT41: A Dual Espionage and Cyber Crime Operation
Chinese Cyber-Spies Target US-Based Research University August 20, 2019 https://www.securityweek.com/chinese-cyber-spies-target-us-based-research-university FireEye: GAME OVER: Detecting and Stopping an APT41 Operation
Researchers unearth malware that siphoned SMS texts out of telco’s network Messagetap monitored telco's network for messages sent between high-value targets October 31, 2019 https://arstechnica.com/information...hat-siphoned-sms-texts-out-of-telcos-network/ FireEye: MESSAGETAP: Who’s Reading Your Text Messages?
Surge in attacks from China-linked APT41 targeting unpatched Citrix servers and Cisco routers March 25, 2020 https://www.computing.co.uk/news/4013048/apt41-china-attacks FireEye: This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits
Chinese Hacking Group “APT41” Is Using a New Speculoos Backdoor The attackers have developed the new malware specifically for BSD systems used in certain organizations April 14, 2020 https://www.technadu.com/chinese-hacking-group-apt41-using-new-speculoos-backdoor/98763/ Palo Alto Networks - Unit42: APT41 Using New Speculoos Backdoor to Target Organizations Globally
"US charges five hackers part of Chinese state-sponsored group APT41. US says APT41 orchestrated intrusions at more than 100 companies across the world, ranging from software vendors, video gaming companies, telcos, and more... APT41's operations were first revealed in a FireEye report published in August 2019... US officials said the hackers stole proprietary source code, code-signing certificates, customer data, and valuable business information..." https://www.zdnet.com/article/us-charges-five-hackers-part-of-chinese-state-sponsored-group-apt41/ "NBC News: The picture the Justice Dept. is depicting today of yet another hack allegedly perpetrated by APT 41, a Chinese group, is that they are hacking into software companies and building their own backdoor code. This allows them to gain entry to wide swaths of industries." https://twitter.com/Tom_Winter/status/1306256939958099968
APT41: Indictments Put Chinese Espionage Group in the Spotlight September 17, 2020 https://symantec-enterprise-blogs.s...ntelligence/apt41-indictments-china-espionage
Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks January 15, 2021 https://thehackernews.com/2021/01/researchers-disclose-undocumented.html Positive Technologies: Higaisa or Winnti? APT41 backdoors, old and new
APT41 Resurfaces as Earth Baku With New Cyberespionage Campaign August 24, 2021 https://www.trendmicro.com/en_us/re...th-baku-with-new-cyberespionage-campaign.html
Suspected Chinese hackers masqueraded as Indian government to send COVID-19 phishing emails October 5, 2021 https://www.cyberscoop.com/apt41-india-blackberry-china/ BlackBerry: Drawing a Dragon: Connecting the Dots to Find APT41
China's APT41 Manages Library of Breached Certificates November 20, 2021 https://www.infosecurity-magazine.com/news/chinas-apt41-manages-library/ Venafi: APT41 Perfects Code Signing Abuse to Escalate Supply Chain Attacks (PDF): https://www.venafi.com/sites/default/files/2021-11/Venafi_WhitePaper_CodeSigningAPT41_2021_f_0.pdf
APT41 group: 4 malicious campaigns, 13 victims, new tools and techniques August 18, 2022 Group-IB: APT41 World Tour 2021 on a tight schedule
New hacking group uses custom 'Symatic' Cobalt Strike loaders By Bill Toulas @billtoulas - November 9, 2022 Trend Micro: Hack the Real Box: APT41’s New Subgroup Earth Longzhi