Chinese hackers are replacing the legitimate Narrator app on targeted Windows systems with a trojanized version that gives them remote access with privileges of the most powerful account on the operating system. Researchers from BlackBerry Cylance say the attacks are the work of a Chinese advanced threat group known as Tropic Trooper or Tropic Boy Trooper. The attacks are targeting government institutions in Taiwan and the Philippines, which these attacks are believed to be targeting technology companies in South-East Asia. The researchers found that it was different from the public version of the open-source PcShare backdoor.
Source: https://www.bleepingcomputer.com/news/security/hackers-replace-windows-narrator-to-get-system-level-access/