Winos 4.0 hackers expand to Japan and Malaysia with new malware

Winos 4.0 hackers, also known as ValleyRAT, have expanded their attacks from China and Taiwan to Japan and Malaysia. The attackers used phishing emails with PDFs disguised as Finance Ministry documents to deliver the HoldingHands RAT malware. The campaign involved a multi-stage process, including anti-VM checks, privilege escalation, and the use of the Windows Task Scheduler to evade detection.