ESET discovers CloudScout: China-aligned Evasive Panda targets Taiwan and data stored in the cloud
ESET Research discovers the CloudScout toolset, detected in Taiwan between 2022 and 2023, in the networks of a religious institution and a government entity. The toolset is used by the China-aligned Evasive Panda group for cyberespionage. CloudScout utilizes stolen cookies, provided by MgBot plugins, to access and exfiltrate data stored on various cloud services. We analyzed three CloudScout modules, which aim to steal data from Google Drive, Gmail, and Outlook. We believe that at least seven additional modules exist. October 29, 2024 — ESET researchers discovered a previously undocumented...