APT41 Taps Google Red Teaming Tool in Targeted Info-Stealing Attacks
China-linked APT41 group targeted a Taiwanese media organization and an Italian job agency with standard, open source penetration test tools, in a change in strategy.
APT41 is a China-linked threat group associated with cyberespionage, financial crime, and attacks on organizations across multiple sectors.
Search across headline titles and summaries.
Background for this topic.
APT41 is a Chinese cyber threat group known for combining state-sponsored espionage with financially motivated cybercrime. It targets industries such as healthcare, telecommunications, and technology by exploiting software vulnerabilities and deploying custom malware to maintain long-term access. The group’s operations often involve stealing intellectual property and conducting supply chain compromises.
Security teams should prioritize patching known vulnerabilities exploited by APT41 and monitor for signs of credential theft and lateral movement within networks. Because the group blends legitimate administrative tools with malicious activity, detecting their presence requires careful analysis of unusual access patterns and behavior anomalies. Understanding APT41’s tactics helps defenders anticipate multi-faceted attacks that mix espionage objectives with profit-driven intrusions.
China-linked APT41 group targeted a Taiwanese media organization and an Italian job agency with standard, open source penetration test tools, in a change in strategy.
The Chinese state-sponsored hacking group APT41 was found abusing the GC2 (Google Command and Control) red teaming tool in data theft attacks against a Taiwanese media and an Italian job search company. [...]
A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control (GC2) amid broader abuse of Google's infrastructure for malicious ends