Skip to content

Chinese Attackers Deploy New Atlas-RAT Malware in European Campaigns

In a nutshell: Chinese hacker groups are targeting European organizations for the first time with newly discovered Atlas-RAT malware, signaling geographic escalation of known APT operations.

A Chinese-speaking hacker group is expanding its attack surface to European targets, leveraging previously undocumented malware as well as the Atlas backdoor tool. This marks a geographic expansion of known attack patterns.

A Chinese-speaking cybercrime group has for the first time systematically expanded its target countries to include European organizations. The attacks employ Atlas-RAT (Remote Access Trojan), a previously undocumented malicious program that enables deep control over compromised systems.

The Atlas backdoor allows attackers to remotely administer compromised hosts, which is leveraged for sensitive data exfiltration and lateral movement within networks. The campaigns demonstrate professional infrastructure and temporally coordinated attack patterns, indicating organized actors with substantial resources.

For CISOs, this development signals a shift in the threat landscape: European organizations that have previously focused primarily on Western or regionally limited attackers must now contend with sophisticated APT-like operations from East Asia. At the same time, the previous lack of knowledge about Atlas-RAT complicates detection – security tools must be retroactively updated with signatures and indicators. Enhanced network monitoring, threat intelligence subscriptions for Chinese attack groups, and more frequent penetration tests assuming state-sponsored-like scenarios are recommended.


Source: www.bleepingcomputer.com · Published June 3, 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.2.9.

Share on: