The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region.
« The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware, » Kaspersky researchers Denis Kulik and Daniil Pogorelov said. « One of the C2s [command-and-control servers] was a captive
