Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor “Boosting Your Immune System During the COVID-19 Pandemic” “Strengthening Your Immunity During the COVID-19 Crisis”
Mar 30, 2023 saw the uncovering of a custom Windows and Linux backdoor called KEYPLUG, attributed to the Chinese state-sponsored threat activity group RedGolf. The use of KEYPLUG by Chinese threat actors was first disclosed by Google-owned Manidant in March 2022 in attacks targeting multiple U.S. state government networks between May 2021 and February 2022.…