Storm-2603 group exploits SharePoint flaws and uses a custom C2 framework, AK47 C2, with HTTP- and DNS-based variants named AK47HTTP and AK47DNS. Check Point Research is tracking a ToolShell campaign exploiting four Microsoft SharePoint flaws, linking it to China-nexus groups APT27, APT31, and a new cluster, Storm-2603. The researchers pointed out that Storm-2603’s goals remain […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/180657/apt/toolshell-under-siege-check-point-analyzes-chinese-apt-storm-2603.html
