Security is Everyone's Job
APT 31 is a cyber espionage group that is believed to operate on behalf of the Chinese government and state-owned enterprises.
The group has been active since at least 2017 and has targeted organizations and individuals in various sectors and regions, such as aerospace, defense, government, media, technology, and international affairs.
SOGU, LUCKYBIRD, SLOWGYRO, and DUCKFAT: Python-based implants that can perform functions such as file transfer, command execution, credential theft, and data exfiltration.
PlugX: A remote access trojan (RAT) that can perform malicious activities such as file manipulation, process injection, keylogging, and screen capture.
TONESHELL: A custom shellcode loader that can execute encrypted payloads in memory.
C4: A tool that can open a Windows Command Shell on a remote host.