Tropic Trooper (also known as KeyBoy and Pirate Panda) is an APT group active since 2011. This group has traditionally targeted sectors such as government, healthcare, transportation and high-tech industries in Taiwan, the Philippines and Hong Kong.
Kaspersky recent investigation has revealed that in 2024 they conducted persistent campaigns targeting a government entity in the Middle East, starting in June 2023. Sighting this group’s TTPs in critical governmental entities in the Middle East, particularly those related to human rights studies, marks a new strategic move for them. This can help the threat intelligence community better understand the motives of this threat actor.
Read more…
Source: Kaspersky
Related:
- Phishing campaign targets organizations in COVID-19 vaccine cold chain
December 3, 2020
IBM’s cyber-security division says that hackers are targeting companies associated with the storage and transportation of COVID-19 vaccines using temperature-controlled environments — also known as the COVID-19 vaccine cold chain. The attacks consisted of spear-phishing emails seeking to collect credentials for a target’s internal email and applications. Targets of the attacks included a wide variety of companies, ...
- Ransomware gang says they stole 2 million credit cards from E-Land
December 3, 2020
Clop ransomware is claiming to have stolen 2 million credit cards from E-Land Retail over a one-year period ending with last months ransomware attack. E-Land Retail, a subsidiary of E-Land Global, operates numerous retail clothing stores, including New Core and NC Department Store. Last month, E-Land Retail had to shut down 23 NC Department Store and New ...
- From Geost to Locker: Monitoring the Evolution of Android Malware Obfuscation
December 3, 2020
In 2019, I looked into Geost, an Android trojan with interesting layers of obfuscation. This entry serves to show how its obfuscation method has evolved by comparing my findings from 2019 with new samples from 2020. It is also part of a larger research endeavor done with Masarah Paquet-Clouston, Maria Jose Erquiaga, and Sebastian Garcia. Our ...
- Kmart, Latest Victim of Egregor Ransomware
December 3, 2020
Retail stalwart Kmart has suffered a ransomware attack at the hands of the Egregor gang, according to a report. The incident has encrypted devices and servers connected to the company’s networks, knocking out back-end services, according to BleepingComputer. The outlet obtained the purported ransom note that claims to have compromised Kmart’s Windows domain. The company was purchased ...
- APT annual review: What the world’s threat actors got up to in 2020
December 3, 2020
Beyond Windows While Windows continues to be the main focus for APT threat actors, we have observed a number of non-Windows developments this year. Last year we reported a malware framework called MATA that we attribute to Lazarus. This framework included several components such as a loader, orchestrator and plug-ins. In April, we learned that MATA ...
- Brazilian aerospace firm Embraer hit by cyberattack
December 2, 2020
Brazilian aerospace and defence group Embraer has been targeted by a cyberattack that has impacted the company’s operations. According to a statement released by the global firm on Monday (30) the attack resulted in the “disclosure of data allegedly attributed to the company”. The incident was reported five days after it took place to the Brazilian Securities ...