Chinese threat actor APT 10 used a vulnerability in Microsoft Exchange to gain access to victims’ networks, where the attackers deployed a custom loader and the Sodamaster backdoor. APT 10 also used a custom loader to obtain credentials. The attackers spent up to nine months in victims’ networks.
- Government, legal, religious, and nongovernmental organizations in Asia, Europe, and North America
Suspected state sponsor
Type of incident
- Civil society