Too Long; Didn't Read
CYE has engaged in investigations at three separate companies across the globe after being alerted to suspicious network activity. A malicious actor has infiltrated and gained domain privileges on the companies' networks while spreading a new customized version of PlugX RAT (Remote Access Trojan) malware. PlugX has been in use for a few years now and has been used by Chinese APT groups for cyber espionage campaigns. The attacker used a new self-made port scanner tool written in RUST language to evade detection by defense systems.