Confucius APT

Posted: February 15, 2021

Confucius APT Description

The Confucius Advanced Persistent Threat (APT) cybercrime organization has been active since 2013, and its attacks are usually focused on high-profile targets in Southeast Asia, the Middle East and Eastern Europe. However, the majority of their campaigns are concentrated in Pakistan. The group is believed to originate from India, and they specialize in developing custom-built Android and Windows implants, which are usually designed to collect data, as well as to provide backdoor access.

Recently, the Confucius APT made the news thanks to two of their latest Android implants – SunBird and Hornbill. Both of these appear to be based on an old Android spyware product called 'MobileSpy' – it was sold publicly, and it is likely that the criminals have gotten their hands on its source code.

Confucius APT's campaigns often overlap with the activities of other APT actors such as Patchwork, but cybersecurity experts believe that the two groups do not share members or codebase. Unfortunately, the Confucius APT's campaigns continue to be active in 2021, and the recent discovery of the SunBird and Hornbill malware showed that the criminals continue to maintain and develop the implants they use.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Confucius APT may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.