Carderbee APT Uses Legitimate Software in Supply Chain Attack Targeting Hong Kong Firms
The group appears to be skilled and patient, selectively pushing payloads to specific victims. The use of signed malware and supply chain attacks makes it difficult for security software to detect.