At the SAS 2021 security conference today, analysts from security firm Kaspersky Lab have published details about a new Chinese cyber-espionage group that has been targeting high-profile entities across South East Asia since at least July 2020.
Named GhostEmperor, Kaspersky said the group uses highly sophisticated tools and is often focused on gaining and keeping long-term access to its victims through the use of a powerful rootkit that can even work on the latest versions of Windows 10 operating systems.
“We observed that the underlying actor managed to remain under the radar for months,” Kaspersky researchers explained today.