China-backed APT Cicada joins the list of threat actors leveraging the Microsoft Zerologon bug to stage attacks against their targets. The attacks appear to be the work of Cicada (aka APT10, Stone Panda, Cloud Hopper). Researchers observed a large-scale attack campaign targeting multiple Japanese companies across 17 regions and various industry sectors. Attackers also installed the QuasarRAT open-source backdoor and the novel Backdoor.Hartip tool to continue surveillance on victims' systems.
Source: https://threatpost.com/apt-exploits-zerologon-targets-japanese-companies/161383/