Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine optimization (SEO) fraud and theft of high-value credentials, configuration files, and certificate data. 
The attacks are designed to target Microsoft Internet Information Services (IIS) servers, with most of the infections reported in India, Thailand