Targeting of organizations in Asia, Europe, and North America
Date of report
  • April 2022
Affiliations
Chinese threat actor APT 10 used a vulnerability in Microsoft Exchange to gain access to victims’ networks, where the attackers deployed a custom loader and the Sodamaster backdoor. APT 10 also used a custom loader to obtain credentials. The attackers spent up to nine months in victims’ networks.
Suspected victims
  • Government, legal, religious, and nongovernmental organizations in Asia, Europe, and North America
Suspected state sponsor
  • China
Type of incident
  • Espionage
Target category
  • Government
  • Civil society