RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns

RedDelta, a China-nexus threat actor, targeted Mongolia, Taiwan, and other countries with a customized PlugX backdoor. The group used lure documents, and it compromised government entities, including the Mongolian Ministry of Defense and the Communist Party of Vietnam. RedDelta’s evolving tactics, such as using the Cloudflare CDN to proxy C2 traffic, highlight its efforts to evade detection.

*****
Written on