cert-orangecyberdefense-cti/green_nailao

Green Nailao is a malicious campaign that targeted European organizations, in particular in the healthcare sector, at least between June and October 2024.
Tracked as Green Nailao (“Nailao” meaning “cheese” in Chinese, a topic our World Watch team holds in high regard), this campaign involves the ShadowPad malware as well as a previously undocumented ransomware payload dubbed NailaoLocker.
Orange Cyberdefense does not associate this campaign with a known threat group. Nevertheless, we assess with medium confidence that the threat actors do align with typical Chinese intrusion sets.

Full research article: 
https://www.orangecyberdefense.com/global/blog/cert-news/meet-nailaolocker-a-ransomware-distributed-in-europe-by-shadowpad-and-plugx-backdoors#c137080