China-Linked APT Expands Arsenal With New ‘Leash’ Backdoors

Summary

Cisco reports that a China-linked Advanced Persistent Threat (APT) group, previously identified with the LapDogs campaign, has enhanced its malware arsenal for SOHO routers. The group has introduced three new backdoors: LongLeash, DogLeash, and JarLeash, expanding their capabilities and operational reach.

IFF Assessment

FOE

The expansion of a threat actor's toolkit with new backdoors signifies an increased capability for malicious activity and sophisticated attacks, posing a greater risk to defenders.

Defender Context

Defenders should be aware of new malware families and backdoors being developed by APT groups, especially those targeting network infrastructure like SOHO routers. Monitoring for unusual network traffic and ensuring devices are patched and secured are critical mitigation strategies.

Read Full Story →