Patchwork APT

Posted: May 13, 2020

Patchwork APT Description

The Patchwork APT (Advanced Persistent Threat) is a criminal organization that has been attacking computer networks since 2015. The primary target of their campaigns appears to be South East Asia, but remnants of their activity have been discovered in other parts of the world as well. The hackers specialize in long-term espionage operations, and their signature malware includes BADNEWS, the Quasar RAT, TINYTYPHON, and PowerSploit (a legitimate security testing tool).

The group goes by several other names, such as Dropping Elephant, Chinastrats, MONSOON, Operation Hangover, Neon, and Viceroy Tiger. It is believed that they have pro-Indian interests, but so far, it has been impossible to pinpoint the exact motives and nationality of the group's members. Their attacks focus on collecting data from the compromised networks, monitoring employee activity, and hijacking login credentials. To achieve this, the group uses backdoors such as BackConfig, or RATs (Remote Access Trojans) like the Quasar RAT.

Their attacks are frequently executed via spear-phishing emails that contain a corrupted file attachment, but it seems that they have been trying to diversify their methods with the latest BackConfig campaign, in which the payload was delivered to the targets through a legitimate Web page that the hackers had previously compromised.

The Patchwork APT is still very active, and its members keep enhancing their payloads and infrastructure to stay a step ahead of anti-virus vendors. Thankfully, their attempts are futile, and modern anti-malware software is perfectly capable of identifying and terminating the threatening applications that the Patchwork APT relies on.
