
Red Menshen: A Look into the Chinese Cyber Espionage Threat
BPFDoor, Red Dev 18
Red Menshen is a China-based threat actor that has been observed targeting telecommunications providers across the U.S., Turkey, the Middle East and Asia, as well as entities in the government, education, and logistics sectors, using a custom backdoor referred to as BPFDoor.
Indicators of Compromise
No domains found for this campaign
APT Groups (1)
Red Menshen (China)
RedDev18, Red Dev 18
Campaign Guidance
Remediation, mitigation, notes, history and related intelligence
Backdoor:Linux/BPFDoor.E!MTB
Detected by Microsoft Defender Antivirus
Aliases: No associated aliases
Summary
Microsoft Defender Antivirus detects and removes this threat.
This threat can give a malicious hacker unauthorized access and control of your PC.
What to do now
Use the following free Microsoft software to detect and remove this threat:
Windows Defender for Windows 10 and 8.1, or Microsoft Security Essentials for Windows 7 and Windows Vista
Microsoft Safety Scanner
You should also run a full scan. A full scan might find other hidden malware.
Get more help
You can also see our advanced troubleshooting page for more help.
If you’re using Windows XP, see our Windows XP end of support page.
Reports & References (2)
Observed Countries (7)
HK (972)
IN (394)
KR (932)
MM (17)
TR (380)
US (237)
VN (367)