Shady RAT — for remote access tool — is the name of the “low and slow” attack detected by McAfee. McAfee said that a single entity was behind the attacks. While it declined to name a suspect, it did suggest that a nation state might be the perpetrator. According to McAfee, the attack successfully compromised at least 72 organizations, including 22 governmental agencies and contractors, 13 defense contractors, 23 businesses, and think tanks, political nonprofits, and other organizations. The attacks were launched by people operating for — or on behalf — China?”]
Source: https://www.darkreading.com/attacks-breaches/china-is-behind-shady-rat-experts-say