{"id":36432,"date":"2020-08-04T14:06:59","date_gmt":"2020-08-04T14:06:59","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/uncle-sam-blames-best-pal-china-as-taidoor-crews-dirty-rat-takes-aim-at-western-orgs-but-others-are-less-sure\/"},"modified":"2020-08-04T14:06:59","modified_gmt":"2020-08-04T14:06:59","slug":"uncle-sam-blames-best-pal-china-as-taidoor-crews-dirty-rat-takes-aim-at-western-orgs-but-others-are-less-sure","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/uncle-sam-blames-best-pal-china-as-taidoor-crews-dirty-rat-takes-aim-at-western-orgs-but-others-are-less-sure\/","title":{"rendered":"Uncle Sam blames best pal China as Taidoor crew&#8217;s dirty RAT takes aim at Western orgs, but others are less sure"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2019\/05\/16\/war.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>A Chinese state-backed hacking crew named Taidoor is deploying a custom remote access trojan (RAT) against Western organisations, according to US authorities.<\/p>\n<p><a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/us-cert.cisa.gov\/ncas\/analysis-reports\/ar20-216a\">Joint analysis<\/a> by the US Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) reckoned that Taidoor&#8217;s malware has been deployed onto target systems as a service DLL named svchost.dll.<\/p>\n<p>Svchost is a regular Windows process; the trick of naming malicious files after legitimate ones to defy casual inspection is as old as the concept of malware itself.<\/p>\n<p>Taidoor is said by the Americans to be sponsored by the Chinese government, with their aim being &#8220;to maintain a presence on victim networks and to further network exploitation&#8221;.<\/p>\n<p>Ben Read, a senior analyst at FireEye-owned Mandiant Threat Intelligence, told <i>The Register<\/i> that the Taidoor malware had been &#8220;used extensively by 
multiple Chinese groups including APT 24 in the last 12 years,&#8221; adding that &#8220;its use has declined in the past few years.&#8221;<\/p>\n<p>He continued: &#8220;These malware samples <i>[from CISA]<\/i> appear to be straightforward variants of Taidoor. Taidoor is a backdoor that can execute commands, exfiltrate information or download additional payloads onto a victim machine. We have also seen Taidoor attached to spearphishing emails. Some of the targets which Taidoor was used against include law firms, nuclear power suppliers, aerospace, governments in East Asia, defense industrial base and engineering firms.\u201d<\/p>\n<p>Joseph Carson, chief security scientist at infosec firm Thycotic, cast doubt on whether the malware itself was being operated today by the Chinese state. He said in a statement: &#8220;Since it has been around for almost 12 years it is very likely that several governments, organized cybercrime and mercenary criminal hackers have got hold of the malware and are also using it.&#8221;<\/p>\n<p>Carson added that the MITRE ATT&amp;CK (adversarial tactics, techniques, and common knowledge) framework <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/attack.mitre.org\/groups\/\">reference documentation<\/a> details Taidoor as having been seen in the wild since 2009.<\/p>\n<p>While the modern-day US CISA\/FBI investigation went into some detail about how the latest strain functions, there was limited indication about how it spreads. One detail from the analysis stood out, however: &#8220;Taidoor does not have a function built into it that enables it to persist past a system reboot. It appears from the memory dump of the infected system, it was installed as a service DLL by some other means.&#8221;<\/p>\n<p>Curiously, there is little other trace of Taidoor in the public domain under that name except for some isolated mentions dating back to 2012 and 2013. 
Trend Micro <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.trendmicro.com\/vinfo\/es\/security\/news\/cyber-attacks\/taidoor-campaign-targets-government-agencies-in-taiwan\">published<\/a> an analysis of the Taidoor malware&#8217;s C2 traffic eight years ago, noting that it &#8220;primarily targeted government organisations located in Taiwan&#8221;. The attack vector was the age-old tactic of using phishing attacks to trick targets into opening email attachments.<\/p>\n<p>Similarly, in 2013 FireEye <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.fireeye.com\/blog\/threat-research\/2013\/09\/evasive-tactics-taidoor-3.html\">noted<\/a> that Taidoor&#8217;s operators were using Yahoo<i>!<\/i> Blogs posts to host an encrypted form of the malware, making it easier to evade blocks and takedowns of C2 domains. At the time a lure seen by FireEye researchers was a Microsoft Word document referring to trade negotiations between China and Taiwan. 
\u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2020\/08\/04\/taidoor_malware_us_cisa_china\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hello, 2009 called, they said they&#8217;ve got an email for you A Chinese state-backed hacking crew named Taidoor is deploying a custom remote access trojan (RAT) against Western organisations, according to US authorities.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":36433,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-36432","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36432","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=36432"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36432\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/36433"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=36432"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=36432"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=36432"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}