Does This Look Infected 2
In March of 2022, Mandiant released new research detailing APT41’s persistent campaign leveraging novel exploits, malware, and techniques to compromise U.S. State Government networks. APT41 continued to demonstrate their tempo by exploiting a zero-day in an animal health management application before quickly shifting to operationalize the then-fresh Log4j vulnerability. At the time, APT41’s goals were unclear. The “Double Dragon” name is derived from APT41’s well-documented dual espionage and cybercrime operation. Were they hitting U.S. State Governments to support greater intelligence collection initiatives, or for financial gain?
Rufus Brown is a Senior Threat Analyst on Mandiant’s Advanced Practices Team specializing in attribution and malware tradecraft. His joint research into APT41 was covered by national media outlets.
Prior to joining Mandiant, Rufus was a student-athlete at Maryville University, running cross country and track. He has a small chihuahua named Kindle, who is the love of his life.