Silver Dragon Targets Organizations in Southeast Asia and Europe

Check Point Research tracks 'Silver Dragon', a sophisticated Chinese‑nexus APT active since mid‑2024 against government and high‑profile targets in Southeast Asia and Europe; the group achieves initial access via public‑facing server exploits and phishing, deploys Cobalt Strike via custom loaders (MonikerLoader, BamboLoader), and uses bespoke tools including GearDoor (Google Drive C2), SilverScreen (screen capture), and SSHcmd, with numerous IoCs provided.