CrowdStrike: PlugX is the Most Popular Malware for Nation-state Adversaries
Details on which tools nation-state threat actors use are included in the 2014 CrowdStrike Global Threat Intel report that was released this week. Among its findings: The PlugX Remote Access Tool (RAT) is the most observed malware variant used in such attacks.
"PlugX is pretty easy to use," Dmitri Alperovitch, co-founder and CTO of CrowdStrike, told eSecurityPlanet. "It was initially used by Chinese threat adversaries that led the development of the tool."
The use of PlugX has proliferated across multiple groups of threat adversaries that CrowdStrike tracks, Alperovitch noted. Originally, PlugX was used only by several groups in China. Alperovitch expects that its use has grown as individuals have moved across different military units in China and as a result of hackers sharing their success stories.