China-Linked APT Expands Arsenal With New ‘Leash’ Backdoors
Summary
Cisco reports that a China-linked Advanced Persistent Threat (APT) group, previously identified with the LapDogs campaign, has enhanced its malware arsenal for SOHO routers. The group has introduced three new backdoors: LongLeash, DogLeash, and JarLeash, expanding their capabilities and operational reach.
IFF Assessment
The expansion of a threat actor's toolkit with new backdoors signifies an increased capability for malicious activity and sophisticated attacks, posing a greater risk to defenders.
Defender Context
Defenders should be aware of new malware families and backdoors being developed by APT groups, especially those targeting network infrastructure like SOHO routers. Monitoring for unusual network traffic and ensuring devices are patched and secured are critical mitigation strategies.