Symantec recently reported on activity attributed to a threat actor group dubbed Carderbee. In the campaign, the threat actors target entities in Hong Kong and other regions of Asia via a supply chain attack leveraging the legitimate Cobra DocGuard software. The activity began as early as September 2022.
There are currently no families associated with this actor.
Chinese State-Sponsored Cyber Espionage Activity Targeting Semiconductor Industry in East Asia
PolySwarm Tech Team
Carderbee Targets Hong Kong in Supply Chain Attack
Carderbee: APT Group use Legit Software in Supply Chain Attack Targeting Orgs in Hong Kong