Active since 2012, APT32 or OceanLotus has been known for complex hacking operations that had the main purpose of intelligence gathering both inside Vietnam and against other countries. In a new report by Microsoft, they claim to have linked APT32, or Bismuth as tracked by Microsoft, to a new crypto-mining campaign. The report from Microsoft outlined how over the summer they saw a change in the group’s tactics. The group deployed Monero crypto miners in France and Vietnam that targeted the private and governmental sectors of both countries. Microsoft cited two theories behind this change in tactics. The first theory is that the group is trying to disguise some of their other intelligence-gathering operations with generic cyber-crime attacks such as these. The second theory is that they are experimenting with new forms of revenue-generating attacks.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in