Patchwork APT Description
The Patchwork APT (Advanced Persistent Threat) is a criminal organization that has been attacking computer networks since 2015. The primary target of their campaigns appears to be South East Asia, but remnants of their activity have been discovered in other parts of the world as well. The hackers specialize in long-term espionage operations, and the signature malware they use includes BADNEWS, the Quasar RAT, TINYTYPHON, and PowerSploit (a legitimate security testing tool).
The group goes by several other names, such as Dropping Elephant, Chinastrats, MONSOON, Operation Hangover, Neon, and Viceroy Tiger. It is believed that they have pro-Indian interests, but so far, it has been impossible to pinpoint the exact motives and nationality of the group's members. Their attacks focus on collecting data from the compromised networks, monitoring employee activity, and hijacking login credentials. To achieve this, the group uses backdoors such as BackConfig, or RATs (Remote Access Trojans) like the Quasar RAT.
Their attacks are frequently executed via spear-phishing emails that contain a corrupted file attachment, but it seems that they have been trying to diversify their methods with the latest BackConfig campaign: the payload was delivered to the targets through a legitimate Web page that the hackers had previously compromised.
The Patchwork APT is still very active, and its members keep enhancing their payloads and infrastructure to stay a step ahead of anti-virus vendors. Thankfully, their attempts are futile, and modern anti-malware software is perfectly capable of identifying and terminating the threatening applications that the Patchwork APT relies on.