China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

A fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025 has been attributed to threat actors affiliated with China.

Check Point Research is tracking the previously undocumented activity cluster under the moniker Amaranth-Dragon, which it said shares links to the APT 41 ecosystem.

Targeted countries include Cambodia, among others. The primary goal is to steal sensitive information from these agencies.

  • The Amaranth-Dragon campaign exploits a vulnerability in WinRAR, a popular file archiving tool.
  • The vulnerability allows attackers to execute arbitrary code on the targeted system.
  • The campaign is characterized by its use of sophisticated social engineering tactics to trick victims into opening malicious files.

The Amaranth-Dragon campaign highlights the ongoing threat that China-linked cyber espionage poses to governments and law enforcement agencies worldwide.

Kian Technologies