GroundPeony Group Exploiting Zero-day Flaw to Attack Government Agencies


GroundPeony, a cyber attack group targeting the Taiwanese government, was discovered in March 2023. It used several tactics, such as tampering with legitimate websites to distribute malware, URL obfuscation, and multi-stage loaders.

Further investigation revealed that a China-nexus attack group was responsible for this attack, which used CVE-2022-30190, commonly known as Follina. nao-sec has since named the group “GroundPeony”.

