A months-long malicious campaign that targeted multiple US government agencies has once again highlighted the sophistication and dogged persistence of APT41, a China-backed threat actor associated with numerous cyber-espionage campaigns in recent years.
Researchers at Mandiant first spotted the campaign when responding to an APT41 intrusion at a US state government network last May. Since then, the security vendor has identified at least six instances in which the threat actor compromised a state government network by exploiting Web application vulnerabilities in its environment.