Dec 18, 2025 • ESET WeLiveSecurity
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
Executive Summary
ESET researchers have identified LongNosedGoblin, a China-aligned APT group, conducting cyberespionage operations against governmental institutions in Southeast Asia and Japan. The threat actors leverage Windows Group Policy objects to deploy and distribute cyberespionage tools across compromised networks, enabling persistent access and lateral movement. This technique allows the group to efficiently propagate malicious payloads throughout targeted organizations. Organizations in the affected regions, particularly government agencies, should review Group Policy configurations, monitor for unauthorized policy changes, and ensure robust network monitoring to detect such deployment techniques.
Summary
ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmental institutions.
Linked Entities
- LongNosedGoblin