DRBControl: Talent-Jump and Trend Micro have both released research after two different websites were confirmed to be hacked by what appears to be the same group. The threat group, called DRBControl by researchers, is believed to be based in China. Trend Micro reported that the DRBControl group’s tactics and tools overlap with the Winnti and Emissary Panda threat groups. The websites that were attacked were located in southeast Asia, and there are rumors that websites in the Middle East and Europe were also targeted. No money was taken in the attack. Source code and databases were stolen, leading researchers to believe that these attacks were espionage-based rather than financially motivated. The group carried out these attacks by targeting employees of the companies with spear-phishing emails that lead to a Dropbox account that delivers a Remote Access Trojan (RAT), infecting the target and giving the threat actor a backdoor into the company.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in