Chinese-speaking cybercrime gang Rocke that carried out several large-scale cryptomining campaigns, has now using news tactics to evade detection. The group has been observed using new tactics, techniques, and procedures (TTPs) The cybercrime organization was first spotted in April 2018 by researchers at Cisco Talos, earlier 2019 researchers from Palo Alto Networks Unit42 found new malware samples used by the Rocke group for cryptojacking that uninstalls from Linux servers cloud security products developed by Tencent Cloud and Alibaba Cloud.”]
Source: https://securityaffairs.co/wordpress/92553/cyber-crime/rocke-group-changes-ttps.html