A so-far-unknown attacker modified platform-level firmware to plant exceptionally persistent and hard-to-remove malware on an organization’s system. The attack was one of several new and sophisticated attack tactics that Kaspersky observed in the third quarter of this year as APT groups diversified their tool sets in larger numbers than usual. Another example of a threat actor that diversified its tool set in a unique manner last quarter was Ke3chan, an APT group believed to be based in China.”]
Source: https://www.darkreading.com/attacks-breaches/apt-groups-get-innovative—-and-more-dangerous—-in-q3