PHOREAL/RIZZO is a backdoor allowing initial victim characterization and follow-on post-exploitation operations to compromise the confidentiality of organizations' data. It has been reported in other research as being used exclusively by APT32 (AKA SeaLotus, OceanLotus, APT-C-00, Group G0050). APT32 largely targets victims with political or economic interests in Southeast Asia, specifically 🇻🇳 Vietnam. #windows #malware #financial #vietnam #political #asia #economic #informatique

https://elastic.github.io/security-research/intelligence/2022/03/02.phoreal-targets-southeast-asia-financial-sector/article/