{"id":53471,"date":"2023-08-30T21:54:00","date_gmt":"2023-08-30T21:54:00","guid":{"rendered":"https:\/\/www.darkreading.com\/attacks-breaches\/china-group-spreads-android-spyware-via-trojan-signal-telegram-apps"},"modified":"2023-08-30T21:54:00","modified_gmt":"2023-08-30T21:54:00","slug":"chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/","title":{"rendered":"Chinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps"},"content":{"rendered":"
<\/div>\n

A China-based advanced persistent threat group that used an Android malware tool called BadBazaar to spy on Uyghurs is distributing the same spyware to users in several countries via Trojanized versions of the Signal and Telegram messaging apps.<\/p>\n

The apps \u2014 Signal Plus Messenger and FlyGram \u2014 tout features and modifications not available with the official versions. But in reality, while they offer legitimate functionality, they can also exfiltrate device and user information and \u2014 in the case of Signal Plus \u2014 enable the threat actor to spy on communications.<\/p>\n

Thousands of Downloads<\/h2>\n

Researchers from ESET who discovered the campaign<\/a> say their telemetry shows thousands of users have downloaded both apps from Google’s Play Store, Samsung Galaxy Store, and websites the threat actor’s set up for each of the two apps.<\/p>\n

The security vendor said it had detected infected devices in 16 countries so far, including the US, Australia, Germany, Brazil, Denmark, Portugal, Spain, and Singapore. The researchers have attributed the campaign to a Chinese group they are tracking as GREF.<\/p>\n

“Based on analysis of BadBazaar, user espionage is their main goal with focus on Signal communication \u2014 in the case of malicious Signal Plus Messenger,” says ESET researcher Luk\u00e1\u0161 \u0160tefanko. “The campaigns seem to be active since malicious Signal Plus Messenger is still available on Samsung’s Galaxy Store and was recently updated \u2014 on Aug. 11, 2023.”<\/p>\n

Unlike with previous use of BadBazaar, ESET has found nothing to suggest that GREF is using the malware to target specific groups or individuals, \u0160tefanko says.<\/p>\n

According to ESET, the threat actor appears to have initially uploaded Signal Plus Messenger to Google Play in July 2022 and FlyGram sometime in early June 2020. The Signal app garnered a few hundred downloads, while more than 5,000 users downloaded FlyGram from Play before Google removed it. It’s unclear when GREF actors uploaded their Trojanized apps to Galaxy Store because Samsung does not reveal that information, ESET said.<\/p>\n

GREF appears to have established dedicated websites for both malicious apps a few months before each of the apps became available on Play and Galaxy Store.<\/p>\n

Google removed the latest version of Signal Plus Messenger from its Play Store after ESET notified the company about it in April. Google had previously already removed FlyGram from the store. But both apps remain an active threat because they are still available on Samsung’s Galaxy Store even after ESET notified the company of the threat, the security vendor said in a report this week.<\/p>\n

Potentially Big Impact for Victims<\/h2>\n

BadBazaar is malware<\/a> that some other vendors have attributed to China-based APT15, aka Vixen Panda and Nickel. Lookout, the first to report on the malware<\/a> last November, identified BadBazaar as one in a collection of unique surveillance tools that the Chinese government used in surveillance campaigns against Uyghurs and other Turkic minorities, both domestically and abroad.<\/p>\n

ESET said that based on code similarities, both Signal Plus Messenger and FlyGram appear to definitely belong to the BadBazaar malware family.<\/p>\n

FlyGram’s features include the ability to extract basic device information, contact lists, call logs, and a list of all Google Accounts on a compromised Android device. FlyGram can also extract some basic metadata from Telegram apps and access a user’s full Telegram backup \u2014 including contacts, profile pictures, groups, channels, and other information \u2014 if the user enables a specific Cloud Sync feature in the malicious app. Telemetry related to that specific backup feature showed that at least 13,953 individuals who downloaded FlyGram had activated it, ESET said.<\/p>\n

Signal Plus Messenger collects the same kind of device and user information as FlyGram, but its main function is to spy on the user’s Signal communications. One unique feature about the malware is its ability to extract the user’s Signal PIN and use it to link the Signal Desktop and Signal iPad to their own phones. “This spying approach stands out due to its uniqueness, as it differs from the functionality of any other known malware,” ESET said.<\/p>\n

“For specific individuals and enterprises, the impact can be huge, considering FlyGram is capable of not only spying on users but also downloading additional custom payload and making users install them,” \u0160tefanko notes. “Malicious Signal Plus Messenger, on the other hand, allows active espionage on exchanged Signal communication.”<\/p>\n

\u0160tefanko says that while several other vendors have tied BadBazaar to APT15, ESET itself has not been able to conclusively establish that link. Instead, telemetry related to the malware, the Trojanized apps, and the threat infrastructure all point to BadBazaar being the handiwork of GREF, he says. “While we track GREF as a separate group, many researchers believe it is associated with APT15. However, we don’t have enough evidence to support that connection.”<\/p>\n

Read More HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Thousands of devices have become infected with “BadBazaar,” malware previously used to spy on Uyghur and Turkic ethnic minorities in China.Read More HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-53471","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"\nChinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Chinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-08-30T21:54:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blteb1761b251b8e1ce\/64efabd028e9de55b69e3238\/android_rafapress_shutterstock.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Chinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps\",\"datePublished\":\"2023-08-30T21:54:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/\"},\"wordCount\":792,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blteb1761b251b8e1ce\\\/64efabd028e9de55b69e3238\\\/android_rafapress_shutterstock.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/\",\"name\":\"Chinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blteb1761b251b8e1ce\\\/64efabd028e9de55b69e3238\\\/android_rafapress_shutterstock.jpg\",\"datePublished\":\"2023-08-30T21:54:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blteb1761b251b8e1ce\\\/64efabd028e9de55b69e3238\\\/android_rafapress_shutterstock.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blteb1761b251b8e1ce\\\/64efabd028e9de55b69e3238\\\/android_rafapress_shutterstock.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Chinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Chinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/","og_locale":"en_US","og_type":"article","og_title":"Chinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-08-30T21:54:00+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blteb1761b251b8e1ce\/64efabd028e9de55b69e3238\/android_rafapress_shutterstock.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Chinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps","datePublished":"2023-08-30T21:54:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/"},"wordCount":792,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blteb1761b251b8e1ce\/64efabd028e9de55b69e3238\/android_rafapress_shutterstock.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/","url":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/","name":"Chinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blteb1761b251b8e1ce\/64efabd028e9de55b69e3238\/android_rafapress_shutterstock.jpg","datePublished":"2023-08-30T21:54:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blteb1761b251b8e1ce\/64efabd028e9de55b69e3238\/android_rafapress_shutterstock.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blteb1761b251b8e1ce\/64efabd028e9de55b69e3238\/android_rafapress_shutterstock.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/chinese-group-spreads-android-spyware-via-trojan-signal-telegram-apps\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Chinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53471","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=53471"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53471\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=53471"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=53471"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=53471"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}