PRC Espionage Campaign Targets Diplomats

~Mandiant~
PRC-nexus actor UNC6384 hijacks web traffic via captive portals to deliver signed SOGU.SEC malware to diplomats.
-
IOCs: mediareleaseupdates. com, 103. 79. 120. 72, 166. 88. 2. 90
-
#SOGUSEC #ThreatIntel #UNC6384