IcePeony Hackers Exploit Web Servers with Stealthy Webshell Attacks

The newly discovered China-nexus APT group “IcePeony” has been active since 2023, targeting entities in India, Mauritius, and Vietnam. Its attack chain begins with SQL injection, leading to webshell and backdoor compromise. The group employs a unique custom IIS malware, “IceCache,” in its operations. An extensive analysis strongly suggests that IcePeony is of Chinese origin and operates under …