Port 22

Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers

A Chinese cyberespionage group known for targeting Southeast Asia leveraged flaws in the Microsoft Exchange Server that came to light earlier this March to deploy a previously undocumented variant of a remote access trojan (RAT) on compromised systems. Attributing the intrusions to a threat actor namedPKPLUG(akaMustang Pandaand HoneyMyte), Palo Alto Networks' Unit 42 threat intelligence team