SparklingGoblin’s SideWalk Hints Toward the Maker of CrossWalk
The new SideWalk backdoor in a recent campaign by a Chinese APT found sharing multiple similarities with CrossWalk, another backdoor used by the group. SideWalk and CrossWalk share a resemblance in anti-tampering techniques, threading model, data layout, and the way data is managed during the execution, etc. It is very important for security agencies to keep an eye on this threat to avoid repercussions in the aftermath of an attack.
