Chinese Cybercrime Group TA4922 Expands Global Operations with Record Campaign Pace
A Chinese-speaking cybercrime group, identified as TA4922, has been intensifying its activities and expanding its reach to new geographical areas, according to cybersecurity firm Proofpoint. The group is known for its sophisticated social engineering tactics and has been deploying various malware families, including SilentRunLoader and ValleyRAT, to exfiltrate data and conduct credential phishing. TA4922 has historically targeted organizations in Asia, but recent campaigns have expanded to include European countries such as the UK, Germany, and Italy, as well as South Africa. The group has been observed using HR and payroll themes to lure victims into downloading malicious payloads or sharing credentials. Proofpoint notes that TA4922 conducts more unique campaigns than any other cybercrime threat actor it tracks, indicating a high operational tempo and diverse objectives.