Bitter cyberspies target South Asian govts with new malware

New activity has been observed from Bitter, an APT group focused on cyberespionage, targeting the government of Bangladesh with new malware with remote file execution capabilities. The discovery and details of this campaign come from threat analysts at Cisco Talos, who shared their report with BleepingComputer. Cisco Talos researchers attribute this campaign to Bitter based on C2 IP address overlaps with past campaigns, string encryption commonalities, and the module naming scheme. Bitter is still out there, refreshing their arsenal with new tools and putting more effort into evading detection. Defenders in the South and Southeast Asia are advised to use the indicators of compromise from Cisco Talos to spot and stop Bitter APT threats.

Read more about it: here.