Chinese Hacker Group Silver Fox Uses Fake Websites to Spread Malware

A new campaign is using fake websites promoting popular software such as WPS Office, Sogou, and DeepSeek to distribute the Sainbox RAT and the open-source rootkit Hidden. This activity is attributed with moderate confidence to a Chinese hacker group called Silver Fox (alias Void Arachne), due to similarities in techniques used with previous campaigns attributed to the same actor.