New NAPLISTENER Malware Used by REF2924 Group to Evade Network Detection

The threat group tracked as REF2924 has been observed deploying previously unseen malware in its attacks aimed at entities in South and Southeast Asia.
The malware, dubbed NAPLISTENER by Elastic Security Labs, is an HTTP listener programmed in C# and is designed to evade "network-based forms of detection."
REF2924 is the moniker assigned to an activity cluster linked to attacks against an entity

asia attacks cluster detection elastic elastic security elastic security labs entities evade forms http labs listener malware naplistener network network detection ref2924 security south southeast asia threat threat group