A malicious campaign targeting the Middle East is likely linked to BackdoorDiplomacy, an advanced persistent threat (APT) group with ties to China.
The espionage activity, directed against a telecom company in the region, is said to have commenced on August 19, 2021 through the successful exploitation of ProxyShell flaws in the Microsoft Exchange Server.
Initial compromise leveraged binaries