
SOUNDBITE

Posted: May 16, 2019

SOUNDBITE is one of a long line of threatening tools produced by a group of threat actors called APT32 or OceanLotus. OceanLotus is based in South-East Asia, likely in Vietnam, although there is no hard evidence of this. The group became infamous for campaigns that primarily targeted other Asian countries. In early 2019, Tencent's cybersecurity division picked up an increase in attacks against the Chinese government and various state-run agencies, allegedly orchestrated by the people behind APT32.

SOUNDBITE is just one of the multi-purpose threats that APT32 has launched over the years. Like the other attacks launched by APT32, it has a wide range of features: it is not just a Trojan or password-collecting malware, but rather a Swiss-army knife.

SOUNDBITE communicates with its Command and Control server through DNS. It can create processes on the target system and upload files to it. It also allows for executing shell commands, accessing and manipulating files and directories, and making direct Registry changes. Those are considerable capabilities for just one tool. SOUNDBITE also allows for a certain amount of system information scraping.

Threats like SOUNDBITE are usually used in high-profile schemes and targeted attacks, as they have far more functionality than garden-variety malware. This makes them particularly threatening, and adequate protection against them should include, at the very least, an updated anti-malware solution that is as fully featured as possible.
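
Because the Command and Control channel described above runs over DNS, resolver logs are a useful second place to look. The following is an added example, not code from this article or from any vendor tool. The article does not describe how SOUNDBITE encodes data in DNS, so the heuristic (one client sending many unique, long, high-entropy subdomains to a single parent domain), the thresholds, the function names and the sample queries are all assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

def shannon_entropy(s):
    """Bits per character of s (0.0 for an empty string)."""
    if not s:
        return 0.0
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def split_name(qname):
    """Split a query name into (subdomain, parent). Assumption: the parent is
    the last two labels; a real deployment would use a public-suffix list."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def flag_dns_tunnels(queries, min_unique=5, min_len=20, min_entropy=3.5):
    """Return sorted (client, parent) pairs where one client sent at least
    min_unique distinct long, high-entropy subdomains to one parent domain."""
    seen = defaultdict(set)
    for client, qname in queries:
        sub, parent = split_name(qname)
        if sub:  # bare "example.com" carries no subdomain payload
            seen[(client, parent)].add(sub.replace(".", ""))
    flagged = []
    for key, subs in seen.items():
        odd = [s for s in subs
               if len(s) >= min_len and shannon_entropy(s) >= min_entropy]
        if len(odd) >= min_unique:
            flagged.append(key)
    return sorted(flagged)

# Constructed sample data: not real telemetry and not SOUNDBITE traffic.
BLOB = "q7x2mk9vb4tz8wp3hn6yc5rd"  # stand-in for an encoded payload label
SAMPLE_QUERIES = (
    [("10.0.0.5", n) for n in ("www.example.com", "mail.example.com", "api.example.com")]
    # A single long CDN-style label must not trigger on its own.
    + [("10.0.0.5", "a1b2c3d4e5f6g7h8i9j0k1l2.cdn.example.net")]
    # Six distinct encoded-looking labels under one placeholder parent domain.
    + [("10.0.0.9", f"{BLOB[i:] + BLOB[:i]}.c2-placeholder.example") for i in range(6)]
)

if __name__ == "__main__":
    for client, parent in flag_dns_tunnels(SAMPLE_QUERIES):
        print(f"review: {client} -> *.{parent}")
```

The thresholds need tuning against local baseline traffic, since CDNs and some security products also generate long random-looking names.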
