UAT-5918, an info-stealing threat actor, targets Taiwan using web shells and open-source tools for persistence, info theft, and credential harvesting. The group exploits N-day vulnerabilities in unpatched servers for long-term access and conducts post-compromise activities manually. APT UAT-5918 deploys web shells, creates admin accounts, and uses tools like Mimikatz and Impacket for lateral movement and credential theft. Talos researchers link UAT-5918 to Chinese APT groups based on TTP overlaps and shared tooling and tactics.