Several US organizations appear to be victims of a widespread data reconnaissance campaign involving malware last associated with Comment Crew aka APT1, a Chinese military-linked group that is believed responsible for stealing data from dozens of American companies between 2006 and 2010.
The attack group behind the latest campaign has carried out at least five separate waves of attacks against organizations in various sectors, the latest in June.
Most of the targets have been in South Korea. But security vendor McAfee, which has been tracking the new threat, says its telemetry suggests that multiple organizations within the financial, healthcare communications, and government sectors in the US and Canada have been hit as well.
McAfee has christened the new campaign Oceansalt based on similarities between its malware and the