{"id":41789,"date":"2021-07-16T14:14:17","date_gmt":"2021-07-16T14:14:17","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/32473\/Chinese-APT-LuminousMoth-Abuses-Zoom-Brand-For-Govt-Attacks.html"},"modified":"2021-07-16T14:14:17","modified_gmt":"2021-07-16T14:14:17","slug":"chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/","title":{"rendered":"Chinese APT LuminousMoth Abuses Zoom Brand For Gov&#8217;t Attacks"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.zdnet.com\/a\/hub\/i\/r\/2021\/05\/05\/68186d8a-bb4e-4cd7-994f-c50dc4f773a8\/thumbnail\/770x578\/ebd579eb359df0eedb3c81192b949123\/shutterstock-coders-melody-smart-small-copy.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>A Chinese advanced persistent threat (APT) group is spreading fake Zoom software to spy on targets in South East Asia.&nbsp;<\/p>\n<p>The group, dubbed <a href=\"https:\/\/securelist.com\/apt-luminousmoth\/103332\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">LuminousMoth by Kaspersky<\/a>, is focused on cyberespionage and the theft of information from high-profile targets. <\/p>\n<p>Dating back to at least October 2020, roughly 100 victims have been detected in Myanmar, and close to 1,400 have been recorded in the Philippines. However, these infection rates may not tell the whole story, as the researchers believe that only a small subset of these numbers was of interest to the APT and were exploited further.&nbsp; <\/p>\n<p>LuminousMoth&#8217;s true targets, in particular, are government agencies in both of these countries and abroad.&nbsp;<\/p>\n<p>According to the researchers, the preliminary rate of infection may be due to LuminousMoth&#8217;s initial attack vector and spreading mechanisms, deemed &#8220;noisy&#8221; and unusual for an APT to adopt.&nbsp; <\/p>\n<p>The APT begins by sending spear phishing emails that contain Dropbox download links to a .RAR archive, named with political or COVID-19 themes. This file contains two malicious .DLL files which are able to then pull and deploy malicious executables on an infected system.&nbsp; <\/p>\n<p>Once this stage of infection has been completed, LuminousMoth will download a Cobalt Strike beacon and side-load two malicious libraries designed to establish persistence and to copy the malware onto any removable storage drives connected to a victim&nbsp;system. <\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_zd_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\"> <\/section>\n<p>In cases noted by Kaspersky, the threat actors have then deployed a fake Zoom app, software that has become a lifeline &#8212; alongside Microsoft Teams, and others &#8212; for many businesses forced to go remote during the COVID-19 pandemic.&nbsp; <\/p>\n<p>The software, signed by an organization in Shanghai, is actually used to exfiltrate files of interest to LuminousMoth. Any file found with pre-defined extensions is copied and transferred to a command-and-control (C2) server. &nbsp; <\/p>\n<p>LuminousMoth will also look for cookies and credentials, including those used for Gmail accounts.&nbsp; <\/p>\n<p>&#8220;During our test, we set up a Gmail account and were able to duplicate our Gmail session by using the stolen cookies,&#8221; Kaspersky says. &#8220;We can therefore conclude this post-exploitation tool is dedicated to hijacking and impersonating the Gmail sessions of the targets.&#8221; <\/p>\n<p>The APT&#8217;s activities also appear to overlap with <a href=\"https:\/\/www.kaspersky.com\/about\/press-releases\/2019_the-garden-of-forking-paths-sophisticated-apts-diversify-toolsets\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">HoneyMyte<\/a>\/Mustang Panda, another Chinese-speaking group, linked to an attack against the office of Myanmar&#8217;s president (<a href=\"https:\/\/twitter.com\/ESETresearch\/status\/1400165767488970764\" target=\"_blank\" rel=\"noopener noreferrer\" data-component=\"externalLink\">1<\/a>,<a href=\"https:\/\/twitter.com\/AvastThreatLabs\/status\/1404864965584977922\" target=\"_blank\" rel=\"noopener noreferrer\" data-component=\"externalLink\">2<\/a>).&nbsp; <\/p>\n<p>LuminousMoth and HoneyMyte have adopted similar tactics during campaigns including C2 overlaps, .DLL side-loading, the deployment of Cobalt Strike beacons, and similar cookie-stealing functionality. <\/p>\n<p>&#8220;Both groups, whether related or not, have conducted activity of the same nature &#8212; large-scale attacks that affect a wide perimeter of targets with the aim of hitting a few that are of interest,&#8221; the researchers say.&nbsp; <\/p>\n<h3> Previous and related coverage <\/h3>\n<hr>\n<p><strong>Have a tip?<\/strong> Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0<\/p>\n<hr>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/32473\/Chinese-APT-LuminousMoth-Abuses-Zoom-Brand-For-Govt-Attacks.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":41790,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[8798],"class_list":["post-41789","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinegovernmentmalwarechinaspyware"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Chinese APT LuminousMoth Abuses Zoom Brand For Gov&#039;t Attacks 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Chinese APT LuminousMoth Abuses Zoom Brand For Gov&#039;t Attacks 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-16T14:14:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/07\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"578\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Chinese APT LuminousMoth Abuses Zoom Brand For Gov&#8217;t Attacks\",\"datePublished\":\"2021-07-16T14:14:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\\\/\"},\"wordCount\":481,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/07\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks.jpg\",\"keywords\":[\"headline,government,malware,china,spyware\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\\\/\",\"name\":\"Chinese APT LuminousMoth Abuses Zoom Brand For Gov't Attacks 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/07\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks.jpg\",\"datePublished\":\"2021-07-16T14:14:17+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/07\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/07\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks.jpg\",\"width\":770,\"height\":578},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,government,malware,china,spyware\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinegovernmentmalwarechinaspyware\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Chinese APT LuminousMoth Abuses Zoom Brand For Gov&#8217;t Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Chinese APT LuminousMoth Abuses Zoom Brand For Gov't Attacks 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/","og_locale":"en_US","og_type":"article","og_title":"Chinese APT LuminousMoth Abuses Zoom Brand For Gov't Attacks 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-07-16T14:14:17+00:00","og_image":[{"width":770,"height":578,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/07\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Chinese APT LuminousMoth Abuses Zoom Brand For Gov&#8217;t Attacks","datePublished":"2021-07-16T14:14:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/"},"wordCount":481,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/07\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks.jpg","keywords":["headline,government,malware,china,spyware"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/","url":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/","name":"Chinese APT LuminousMoth Abuses Zoom Brand For Gov't Attacks 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/07\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks.jpg","datePublished":"2021-07-16T14:14:17+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/07\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/07\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks.jpg","width":770,"height":578},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/chinese-apt-luminousmoth-abuses-zoom-brand-for-govt-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,government,malware,china,spyware","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinegovernmentmalwarechinaspyware\/"},{"@type":"ListItem","position":3,"name":"Chinese APT LuminousMoth Abuses Zoom Brand For Gov&#8217;t Attacks"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/41789","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=41789"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/41789\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/41790"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=41789"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=41789"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=41789"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}