
Confucius APT

Posted: February 15, 2021

The Confucius Advanced Persistent Threat (APT) cybercrime organization has been active since 2013, and its attacks are usually focused on high-profile targets in Southeast Asia, the Middle East and Eastern Europe. However, the majority of its campaigns are concentrated in Pakistan. The group is believed to originate from India, and it specializes in developing custom-built Android and Windows implants, which are usually designed to collect data and to provide backdoor access.

Recently, the Confucius APT made the news thanks to two of its latest Android implants, SunBird and Hornbill. Both appear to be based on an old Android spyware product called 'MobileSpy', which was sold publicly, and it is likely that the criminals have gotten their hands on its source code.

Confucius APT's campaigns often overlap with the activities of other APT actors such as Patchwork, but cybersecurity experts believe that the two groups do not share members or a codebase. Unfortunately, the Confucius APT's campaigns continue to be active in 2021, and the recent discovery of the SunBird and Hornbill malware showed that the criminals continue to maintain and develop the implants they use.
