{"id":1402,"date":"2023-05-31T08:00:00","date_gmt":"2023-05-31T08:00:00","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=74383"},"modified":"2023-05-31T08:00:00","modified_gmt":"2023-05-31T08:00:00","slug":"southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2023\/05\/31\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign\/","title":{"rendered":"Southeast Asian hacking crew racks up victims, rapidly expands criminal campaign"},"content":{"rendered":"<p><head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"> <meta name=\"robots\" content=\"index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\"> <!-- This site is optimized with the Yoast SEO Premium plugin v20.5 (Yoast SEO v20.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ --> <title>Southeast Asian hacking crew racks up victims, rapidly expands criminal campaign | CyberScoop<\/title> <meta name=\"description\" content=\"A group called &quot;Dark Pink&quot; is likely based in Southeast Asia and shows signs of ongoing development and recent activity, researchers say.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/hacking-southeast-asia-dark-pink\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Southeast Asian hacking crew racks up victims, rapidly expands criminal campaign\"> <meta property=\"og:description\" content=\"A group called &quot;Dark Pink&quot; is likely based in Southeast Asia and shows signs of ongoing development and recent activity, researchers say.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/hacking-southeast-asia-dark-pink\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2023-05-31T08:00:00+00:00\"> <meta property=\"article:modified_time\" content=\"2023-05-31T02:32:49+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign-1.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"AJ Vicens\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@AJVicens\"> <!-- \/ Yoast SEO Premium plugin. --> <link rel=\"dns-prefetch\" href=\"\/\/cdn.parsely.com\">\n<link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-0\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1684764845g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1685722702g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-4\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1685981853g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=172264176d4de0f97962\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/74383\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<link rel=\"wlwmanifest\" type=\"application\/wlwmanifest+xml\" href=\"https:\/\/cyberscoop.com\/wp-includes\/wlwmanifest.xml\">\n<meta name=\"generator\" content=\"WordPress 6.2.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=74383\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fhacking-southeast-asia-dark-pink%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fhacking-southeast-asia-dark-pink%2F&amp;format=xml\">\n<meta name=\"parsely-title\" content=\"Southeast Asian hacking crew racks up victims, rapidly expands criminal campaign\"><br \/>\n<meta name=\"parsely-link\" content=\"http:\/\/cyberscoop.com\/hacking-southeast-asia-dark-pink\/\"><br \/>\n<meta name=\"parsely-type\" content=\"post\"><br \/>\n<meta name=\"parsely-image-url\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign-1.jpg?w=150&amp;h=150&amp;crop=1\"><br \/>\n<meta name=\"parsely-pub-date\" content=\"2023-05-31T08:00:00Z\"><br \/>\n<meta name=\"parsely-section\" content=\"Geopolitics\"><br \/>\n<meta name=\"parsely-tags\" content=\"advanced persistent threat (apt),cyberespionage,dark pink\"><br \/>\n<meta name=\"parsely-author\" content=\"AJ Vicens\"> <!-- Google Tag Manager --> <!-- End Google Tag Manager --> <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-74383 single-format-standard\" id=\"readabilityBody\"> <svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-dark-grayscale\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0 0.49803921568627\" \/><feFuncG type=\"table\" tableValues=\"0 0.49803921568627\" \/><feFuncB type=\"table\" tableValues=\"0 0.49803921568627\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-grayscale\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0 1\" \/><feFuncG type=\"table\" tableValues=\"0 1\" \/><feFuncB type=\"table\" tableValues=\"0 1\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-purple-yellow\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0.54901960784314 0.98823529411765\" \/><feFuncG type=\"table\" tableValues=\"0 1\" \/><feFuncB type=\"table\" tableValues=\"0.71764705882353 0.25490196078431\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-blue-red\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0 1\" \/><feFuncG type=\"table\" tableValues=\"0 0.27843137254902\" \/><feFuncB type=\"table\" tableValues=\"0.5921568627451 0.27843137254902\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-midnight\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0 0\" \/><feFuncG type=\"table\" tableValues=\"0 0.64705882352941\" \/><feFuncB type=\"table\" tableValues=\"0 1\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-magenta-yellow\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0.78039215686275 1\" \/><feFuncG type=\"table\" tableValues=\"0 0.94901960784314\" \/><feFuncB type=\"table\" tableValues=\"0.35294117647059 0.47058823529412\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-purple-green\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0.65098039215686 0.40392156862745\" \/><feFuncG type=\"table\" tableValues=\"0 1\" \/><feFuncB type=\"table\" tableValues=\"0.44705882352941 0.4\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-blue-orange\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0.098039215686275 1\" \/><feFuncG type=\"table\" tableValues=\"0 0.66274509803922\" \/><feFuncB type=\"table\" tableValues=\"0.84705882352941 0.41960784313725\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg> <a href=\"https:\/\/cyberscoop.com\/hacking-southeast-asia-dark-pink\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.43023255814\">\n<div class=\"single-article__header-content\" readability=\"31.269076305221\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/geopolitics\/\"> <span>Geopolitics<\/span> <\/a> <\/li>\n<\/ul>\n<p> A group called &#8220;Dark Pink&#8221; is likely based in Southeast Asia and shows signs of development and ongoing activity, researchers say. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign.jpg?resize=640%2C426&#038;ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign-1.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign-1.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign-1.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign-1.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign-1.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign-1.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign-1.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign-1.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign-1.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/southeast-asian-hacking-crew-racks-up-victims-rapidly-expands-criminal-campaign-1.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> A vendors looks at her phone in Hanoi on March 31. (Photo by Nhac Nguyen\/AFP via Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"28.907187718074\"><body readability=\"58.914817465999\"><\/p>\n<p>An additional five victims in an expanding set of countries has been added to the list of a likely southeast Asian hacking campaign discovered earlier this year, <a href=\"https:\/\/www.group-ib.com\/blog\/dark-pink-episode-2\/\" target=\"_blank\" rel=\"noreferrer noopener\">researchers with Group-IB said Wednesday<\/a>.<\/p>\n<p>Group-IB <a href=\"https:\/\/cyberscoop.com\/dark-pink-hacking-campaign-southeast-asia\/\" target=\"_blank\" rel=\"noreferrer noopener\">dubbed the group \u201cDark Pink\u201d<\/a> in a January analysis and said it likely represented an \u201centirely new [advanced persistent threat] group\u201d targeting a range of organizations across the Asia-Pacific region, and one in Europe, to steal corporate data and other high-value secrets. Additional research has revealed an additional five victims, expanding its operations to Belgium, Brunei and Thailand, the researchers said Wednesday. <\/p>\n<p>Along with the expanded operations, the campaign\u2019s operators have updated their tools and data exfiltration methods in operations as recent as this month, the researchers said, a sign \u201cthat the group shows no signs of slowing down.\u201d<\/p>\n<p>Group-IB has linked the campaign to attacks on 13 organizations to date across nine countries: Vietnam, Bosnia and Herzegovina, Cambodia, Indonesia, Malaysia, Philippines, Belgium, Thailand and Brunei. Targeted organizations include military bodies, government ministries and an educational institution, the company said.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Group-IB has not attributed the campaign, but in January the <a href=\"https:\/\/mp.weixin.qq.com\/s\/G3gUjg9WC96NW4cRPww6gw\" target=\"_blank\" rel=\"noreferrer noopener\">Chinese security firm Anheng Hunting Labs linked the activity<\/a> \u2014&nbsp;which it tracks as the \u201cSaaiwc Group\u201d \u2014&nbsp;to an unnamed southeast Asian country. A <a href=\"https:\/\/blog.eclecticiq.com\/dark-pink-apt-group-strikes-government-entities-in-south-asian-countries#A1\" target=\"_blank\" rel=\"noreferrer noopener\">March analysis from EclecticIQ<\/a> noted some metadata that pointed to China, but said there was a lack of conclusive proof and characterized it as a \u201clow confidence\u201d attribution.\u201d<\/p>\n<p>The latest research shows that the campaign\u2019s operators have modified their KamiKakaBot malware \u2014 which is designed to steal sensitive information and data from targeted systems \u2014&nbsp;in apparent efforts to obfuscate static analysis.<\/p>\n<p>Dark Pink has also demonstrated new exfiltration methods. Previous research revealed that stolen data was sent to a Telegram chat in a zip archive, and also stolen using email or publicly available cloud services such as Dropbox, the researchers said. In a recent attack, however, the group exfiltrated data using the Webhook[.]site service, which can be used for <a href=\"https:\/\/www.mparticle.com\/blog\/apis-vs-webhooks\/\" target=\"_blank\" rel=\"noreferrer noopener\">legitimate<\/a> data communication and <a href=\"https:\/\/docs.webhook.site\/\" target=\"_blank\" rel=\"noreferrer noopener\">testing purposes<\/a>, but also abused to <a href=\"https:\/\/isc.sans.edu\/diary\/InfoStealer+Using+webhooksite+to+Exfiltrate+Data\/28088\" target=\"_blank\" rel=\"noreferrer noopener\">facilitate illicit data transfers<\/a>.<\/p>\n<p>That Dark Pink has added new victims in new countries in operations that remain ongoing suggests \u201cthe threat actors geography could be broader than initially thought,\u201d the Group-IB researchers said. \u201cThe fact that two attacks were executed in 2023 indicates that Dark Pink remains active and poses an ongoing risk to organizations. Evidence shows that the cybercriminals behind these attacks keep updating their existing tools in order to remain undetected.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\">\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p> <!-- .popular-stories__stories --> <\/div>\n<p><!-- .popular-stories__inner -->\n<\/div>\n<p><!-- .popular-stories --> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p> <!-- Start of HubSpot Embed Code --> <!-- End of HubSpot Embed Code --> <\/body> <a href=\"https:\/\/cyberscoop.com\/hacking-southeast-asia-dark-pink\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Southeast Asian hacking crew racks up victims, rapidly expands criminal<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[312,313,314,302],"tags":[315,316,317,306],"class_list":["post-1402","post","type-post","status-publish","format-standard","hentry","category-advanced-persistent-threat-apt","category-cyberespionage","category-dark-pink","category-geopolitics","tag-advanced-persistent-threat-apt","tag-cyberespionage","tag-dark-pink","tag-geopolitics"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/advanced-persistent-threat-apt\/\" rel=\"category tag\">advanced persistent threat (APT)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cyberespionage\/\" rel=\"category tag\">cyberespionage<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/dark-pink\/\" rel=\"category tag\">Dark Pink<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/geopolitics\/\" rel=\"category tag\">Geopolitics<\/a>","tag_info":"Geopolitics","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1402","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=1402"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1402\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=1402"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=1402"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=1402"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}