Date of report
- Apr 2022
Affiliations
Chinese threat actor APT 10 used a vulnerability in Microsoft Exchange to gain access to victims’ networks, where the attackers deployed a custom loader and the Sodamaster backdoor. APT 10 also used a custom loader to obtain credentials. The attackers spent up to nine months in victims’ networks.
Suspected victims
- Government, legal, religious, and nongovernmental organizations in Asia, Europe, and North America
Suspected state sponsor
- China
Type of incident
- Espionage
Target category
- Civil society
- Government