Mirrors/cert-orangecyberdefense-cti
1
0
Fork 0
mirror of https://github.com/cert-orangecyberdefense/cti synced 2026-06-08 22:47:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b886097035eb025c420d89a92dee81cc095a9fb2
cert-orangecyberdefense-cti/green_nailao
T
History
CERT Orange CyberDefense bba9de6d0c Create readme 
Green Nailao investigation, IOCs and Yara
2025-02-18 14:25:33 +01:00
..
readme
Create readme
2025-02-18 14:25:33 +01:00

readme

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
Green Nailao is a malicious campaign that has been targeting at least between June and October 2024 European organizations, in particular in the healthcare sector.
Tracked as Green Nailao (“Nailao” meaning “cheese” in Chinese  a topic our World Watch team holds in high regard), this campaign involves the ShadowPad malware as well as a previously undocumented ransomware payload dubbed NailaoLocker.
Orange Cyberdefense does not associate this campaign with a known threat group. Nevertheless, we assess with medium confidence that the threat actors do align with typical Chinese intrusion sets.

Full research article: 
https://www.orangecyberdefense.com/global/blog/cert-news/meet-nailaolocker-a-ransomware-distributed-in-europe-by-shadowpad-and-plugx-backdoors#c137080
Reference in New Issue View Git Blame Copy Permalink