Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign

Updated on August 29, 2025

An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia.
“Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage or login…

Read the rest of the story at Read More

Source: The Hacker News

July 27, 2024 Uncategorized

French Authorities Launch Operation to R...

March 26, 2025 Uncategorized

Zero-Day Alert: Google Releases Chrome P...

August 7, 2025 Uncategorized

Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign

Related posts

French Authorities Launch Operation to R...

Zero-Day Alert: Google Releases Chrome P...

6,500 Axis Servers Expose Remoting Proto...

Leave a Comment Cancel reply

Recent News

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief

Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL

Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security

New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild