The BlueShell malware was found being used by various threat actors to target systems running Windows, Linux, and other operating systems in Korea and Thailand. The Dalbit Group, a China-based threat group, has been identified as using a customized version of BlueShell. To mitigate such threats, organizations should prioritize regular system patching, implement robust intrusion detection systems, and enhance server security measures.