Unusual attack linked to Chinese APT group combines espionage and ransomware | CSO Online

A recent attack combined cyberespionage and ransomware tactics, a rare occurrence for Chinese APT groups. The attacker used a variant of the PlugX cyberespionage toolset, previously linked to Chinese APT groups, alongside the RA World ransomware. The attacker demanded a $2 million ransom, claiming to have exploited a vulnerability in Palo Alto’s PAN-OS firewall software and stolen data from the victim’s S3 buckets.
