Dec 18, 2025 • ESET WeLiveSecurity
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
Executive Summary
ESET researchers have identified a new China-aligned Advanced Persistent Threat (APT) group designated as LongNosedGoblin. This actor is actively targeting governmental institutions across Southeast Asia and Japan with the primary objective of cyberespionage. The group employs Group Policy objects as a mechanism to deploy cyberespionage tools across compromised networks, facilitating lateral movement and persistent access. This activity poses a significant risk to national security and sensitive governmental data within the affected regions. While specific malware families were not detailed in the initial reporting, the use of native administrative tools highlights a reliance on living-off-the-land techniques to evade detection. Organizations within the targeted sectors should prioritize auditing Group Policy configurations, monitoring for unusual administrative activity, and implementing strict access controls to mitigate the risk of unauthorized tool deployment and potential data exfiltration by this state-aligned threat actor.
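One way to start the Group Policy audit recommended above, as an added example that is not from ESET's report or tooling. It assumes an offline copy of the domain's SYSVOL `Policies` folder; because the summary does not say which Group Policy feature was used, it lists the general GPO file types that make clients run or receive content. The function names and the sample tree are constructed for illustration.

```python
import re
import tempfile
import time
from pathlib import Path

# Files inside a GPO's SYSVOL folder that make clients run or receive something.
DELIVERY = {
    "scripts/scripts.ini": "startup/logon script",
    "scripts/psscripts.ini": "PowerShell startup/logon script",
    "preferences/scheduledtasks/scheduledtasks.xml": "scheduled task",
    "preferences/files/files.xml": "file copy",
}

def script_commands(path):
    """Return the CmdLine values of a scripts.ini (UTF-16 with BOM, or plain text)."""
    raw = path.read_bytes()
    bom = raw[:2] in (b"\xff\xfe", b"\xfe\xff")
    text = raw.decode("utf-16") if bom else raw.decode("utf-8", "replace")
    return re.findall(r"(?im)^\d+CmdLine=(.+?)\s*$", text)

def audit(policies_dir, max_age_days=30, now=None):
    """List delivery-capable files per GPO and flag recently modified ones."""
    now = time.time() if now is None else now
    findings = []
    for gpo in Path(policies_dir).glob("{*}"):  # GPO folders are named {GUID}
        for f in gpo.rglob("*"):
            scope, _, rel = f.relative_to(gpo).as_posix().lower().partition("/")
            if f.is_file() and scope in ("machine", "user") and rel in DELIVERY:
                cmds = script_commands(f) if rel.endswith("scripts.ini") else []
                findings.append({"gpo": gpo.name, "scope": scope, "kind": DELIVERY[rel],
                                 "commands": cmds,
                                 "recent": now - f.stat().st_mtime <= max_age_days * 86400})
    return sorted(findings, key=lambda x: (x["gpo"], x["scope"], x["kind"]))

def build_sample(root):
    """Constructed sample tree: one GPO that delivers content, one that does not."""
    a = Path(root) / "{11111111-1111-1111-1111-111111111111}"
    b = Path(root) / "{22222222-2222-2222-2222-222222222222}"
    for d in (a / "Machine/Scripts", a / "User/Preferences/ScheduledTasks", b):
        d.mkdir(parents=True)
    ini = "\ufeff[Startup]\r\n0CmdLine=example-update.bat\r\n0Parameters=\r\n"
    (a / "Machine/Scripts/scripts.ini").write_bytes(ini.encode("utf-16-le"))
    (a / "User/Preferences/ScheduledTasks/ScheduledTasks.xml").write_text("<ScheduledTasks/>")
    (b / "GPT.INI").write_text("[General]\r\nVersion=1\r\n")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit(build_sample(tmp)):
            print(finding)
```

Each finding is a starting point for review against change records: a recently modified startup script or scheduled task in a GPO that nobody recalls editing warrants a closer look.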
Summary
ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across the networks of governmental institutions.
Linked Entities
- LongNosedGoblin