China-aligned threat actor is conducting widespread cyberespionage campaigns

Read post on therecord.media

The threat group PlushDaemon uses routers and other network device implants to redirect domain name system (DNS) queries to malicious external servers which take over updates to unleash tools used for cyberespionage.