New Malware Variant Used by Chinese Hackers has "Radio Silence" Mode to Evade Detection
Check Point has identified a new version of the “Soul” malware framework in a cyber-espionage campaign targeting high-profile government entities in Vietnam, Thailand, and Indonesia. The malware has a “radio silence” mode that lets the threat actors specify the hours of the week during which the backdoor should not communicate with the command and control (C2) server, likely to evade detection during the victim’s working hours. It is delivered via spear-phishing emails with malicious DOCX file attachments that deploy the RoyalRoad RTF kit, which attempts to exploit older vulnerabilities to drop malware on the host. The malware is capable of collecting and resending enumeration data, restarting the C2 communication, or exiting its process.

Malware: Soul, SoulSearcher

[View Article](https://www.bleepingcomputer.com/news/security/new-malware-variant-has-radio-silence-mode-to-evade-detection/?&web_view=true)
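A defender-side view of the “radio silence” behaviour described above, as an added example that is not from Check Point's report or the linked article: it flags host-to-destination pairs in connection logs that are active in many off-hour slots but never during working hours. The log tuples, host names, the Mon-Fri 08:00-18:00 window and the threshold are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumption: local working hours of the monitored site (Mon-Fri, 08:00-17:59).
WORK_DAYS = range(0, 5)
WORK_HOURS = range(8, 18)


def is_work_hour(ts):
    return ts.weekday() in WORK_DAYS and ts.hour in WORK_HOURS


def silent_in_work_hours(events, min_off_hours=20):
    """events: iterable of (timestamp, src_host, dst) in site-local time.

    Returns sorted (src_host, dst) pairs seen in at least min_off_hours
    distinct off-hour slots and in no working-hour slot at all.
    """
    work, off = defaultdict(set), defaultdict(set)
    for ts, src, dst in events:
        slot = ts.replace(minute=0, second=0, microsecond=0)
        bucket = work if is_work_hour(ts) else off
        bucket[(src, dst)].add(slot)
    return sorted(
        pair for pair, slots in off.items()
        if len(slots) >= min_off_hours and not work.get(pair)
    )


def build_sample():
    """Constructed one-week log starting Monday 2023-03-06 (not real data)."""
    start = datetime(2023, 3, 6)
    events = []
    for h in range(7 * 24):
        ts = start + timedelta(hours=h, minutes=7)
        # ws-01: ordinary update traffic around the clock.
        events.append((ts, "ws-01", "updates.example.net"))
        # ws-02: talks only outside working hours, every hour it is allowed to.
        if not is_work_hour(ts):
            events.append((ts, "ws-02", "quiet.example.invalid"))
    # ws-03: a one-off evening download, too sparse to count as a pattern.
    for h in (19, 20, 21):
        events.append((start + timedelta(hours=h), "ws-03", "cdn.example.org"))
    return events


if __name__ == "__main__":
    for src, dst in silent_in_work_hours(build_sample()):
        print(f"review: {src} -> {dst} is active only outside working hours")
```

Legitimate scheduled jobs such as nightly backups produce the same shape, so treat hits as triage leads and convert log timestamps to the site's local time zone before bucketing.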