Executive Summary Ink Dragon, a Chinese espionage group, has expanded from Asia and South America into European government networks. The group turns compromised servers into relay nodes, using victims to route commands and support operations in other environments. Updated tooling, including a new FinalDraft variant, allows the attackers to blend into Microsoft cloud activity and maintain long term access. Multiple threat actors, including RudePanda, exploited the same public facing weakness, showing how a single flaw can draw in several advanced groups. Check Point Research continues to track Ink Dragon’s activity and provide intelligence to help organizations detect and disrupt its […]
The post Ink Dragon Expands With New Tools and a Growing Victim Network appeared first on Check Point Blog.
Read the original article: