The BfV German domestic intelligence services (short for Bundesamt für Verfassungsschutz) warn of ongoing attacks coordinated by the APT27 Chinese-backed hacking group.
This active campaign is targeting German commercial organizations, with the attackers using the HyperBro remote access trojans (RAT) to backdoor their networks.
HyperBro helps the threat actors maintain persistence on the victims’ networks by acting as an in-memory backdoor with remote administration capabilities.
The agency said the threat group’s goal is to steal sensitive information and may also attempt to target their victims’ customers in supply chain attacks.
“The Federal Office for the Protection of the Constitution (BfV) has information about an ongoing cyber espionage campaign by the cyber attack group APT27 using the malware variant HYPERBRO against German commercial companies,” the BfV said.