A sweeping and “highly active campaign” that originally set its sights on Myanmar has broadened its focus to strike a number of targets located in the Philippines, according to new research.
Russian cybersecurity firm Kaspersky, which first spotted the infections in October 2020, attributed them to a threat actor it tracks as “LuminousMoth,” which it connected with medium to high confidence to a Chinese state-sponsored hacking group called HoneyMyte or Mustang Panda, given its observed victimology, tactics, and procedures.
About 100 affected victims have been identified in Myanmar, while the number of victims jumped to nearly 1,400 in the Philippines, although the researchers noted that the actual targets were only a fraction of the initial numbers, including government entities located both within the two countries and abroad.