Red Menshen: A Look into the Chinese Cyber Espionage Threat

BPFDoor, Red Dev 18
Red Menshen, a China-based threat actor, has been observed targeting telecommunications providers across the U.S., Turkey, the Middle East and Asia, as well as entities in the government, education, and logistics sectors, using a custom backdoor referred to as BPFDoor.

Indicators of Compromise

No domains found for this campaign

APT Groups (1)

Red Menshen (China)
RedDev18 (Red Dev 18)

Campaign Guidance

Remediation, mitigation, notes, history and related intelligence

Backdoor:Linux/BPFDoor.E!MTB
Detected by Microsoft Defender Antivirus
Aliases: No associated aliases

Summary
Microsoft Defender Antivirus detects and removes this threat.

This threat can give a malicious hacker unauthorized access and control of your PC.

What to do now
Use the following free Microsoft software to detect and remove this threat:

Windows Defender for Windows 10 and 8.1, or Microsoft Security Essentials for Windows 7 and Windows Vista
Microsoft Safety Scanner
You should also run a full scan. A full scan might find other hidden malware.

Get more help
You can also see our advanced troubleshooting page for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Reports & References (2)

Observed Countries (7)

HK (972)
IN (394)
KR (932)
MM (17)
TR (380)
US (237)
VN (367)