Southeast Asian APT Group Saaiwc Targets Military and Financial Departments with PowerDism Backdoor

Threat Level
Actor Report

Summary

Saaiwc Group (APT-LY-1005) is a newly identified APT group that is thought to operate in Southeast Asia. The group’s main tactic is to use an ISO file as a malicious payload; when executed, it injects a PowerShell command into the local registry and loads a PowerShell backdoor named PowerDism.