Mofang hacking group targets Weapon industries in various countries

The Mofang APT group, is a group which needs to be taken seriously. The APT group has been attacking various sectors – but their main sectors which they target seem to be government, military, critical infrastructures and weapon industries.

In a recent report by Fox-IT, they state that the Mofang APT group has been attacking the following countries:

  • India
  • Germany
  • United States
  • Canada
  • Singapore
  • South Korea

An interesting fact which has appeared is the fact that the Mofang APT group does not use any exploits to infect their targets, instead they use social engineering methods to infiltrate their victims networks.

Another interesting fact is that they are using typosquated domains to lure/trick unaware users.

The following typosquated domains were detected:

  • support.f–secure.com/cache/cache.php
  • account.google.com.gmgoogle.com
  • mail.upgoogle.com
  • ie.update-windows-microsoft.com
  • support.outlook-microsoft.com
  • help.outlook-microsoft.com
  • oem.outlook-microsoft.com
  • windws-microsoft.com
  • store.outlook-microsoft.com

YOU CAN READ THE FULL REPORT BY FOX-IT HERE

DOWNLOAD