Chinese-Speaking APT Deploys New TinyRCT Backdoor Targeting Southeast Asian Government and Critical Infrastructure

A Chinese-speaking advanced persistent threat (APT) actor has deployed a new custom backdoor named TinyRCT in cyberattacks targeting government entities and critical infrastructure in Southeast Asia. The campaign specifically focuses on state-owned enterprises within the energy and government sectors. The activity has been attributed to a threat actor identified as CL-STA-1062 by Palo Alto Networks. No specific dates, technical indicators, or CVE IDs were disclosed in the reported findings. The attacks aim to compromise high-value targets in the region, though the exact impact remains unspecified.