The advanced persistent threat (APT) attackers behind the newly revealed Operation Shady RAT also deployed a tool called HTran that helps disguise their location.
Joe Stewart, director of malware research for Dell SecureWorks' counter threat unit research team, who has been studying some 60 different families of malware used by APT attackers in their cyberespionage attacks, recently discovered a pattern in which many of these attackers use this tool, written 10 years ago by a Chinese hacker, to hide their whereabouts. Stewart, who published research on HTran use today in APT malware, said the Operation Shady RAT attackers are among those who use the tool for camouflaging purposes.

The link for this article located at Information Week is no longer available.