A newly identified, China-aligned hacker group named LongNosedGoblin has been observed spying on governments in Southeast Asia and Japan since at least September 2023. This group uniquely leverages Group Policy, a Windows feature, to deploy malware like NosyHistorian, which steals browser data to identify high-value targets for further compromise with tools such as the backdoor NosyDoor.
Edward Kiledjian
@ekiledjian