Tropic Trooper (also known as KeyBoy and Pirate Panda) is an APT group active since 2011. This group has traditionally targeted sectors such as government, healthcare, transportation and high-tech industries in Taiwan, the Philippines and Hong Kong.
Kaspersky recent investigation has revealed that in 2024 they conducted persistent campaigns targeting a government entity in the Middle East, starting in June 2023. Sighting this group’s TTPs in critical governmental entities in the Middle East, particularly those related to human rights studies, marks a new strategic move for them. This can help the threat intelligence community better understand the motives of this threat actor.
Read more…
Source: Kaspersky
Related:
- 6 New Vulnerabilities Found on D-Link Home Routers
June 12, 2020
On February 28, 2020, Palo Alto Networks’ Unit 42 researchers discovered six new vulnerabilities in D-Link wireless cloud routers running their latest firmware. The vulnerabilities were found in the DIR-865L model of D-Link routers, which is meant for home network use. The current trend towards working from home increases the likelihood of malicious attacks against home ...
- Android ‘ActionSpy’ Malware Targets Turkic Minority Group
June 12, 2020
Researchers have discovered a new Android spyware, dubbed ActionSpy, targeting victims across Tibet, Turkey and Taiwan. The spyware is distributed either via watering-hole websites or fake websites. Researchers believe ActionSpy is being used in ongoing campaigns to target Uyghur victims. The Uyghurs, a Turkic minority ethnic group affiliated with Central and East Asia, have previously been targeted in spyware attacks. Though ...
- Ransomware: Hackers took just three days to find this fake industrial network and fill it with malware
June 11, 2020
Industrial control networks are coming under attack from a range of ransomware attacks, security researchers have warned, after an experiment revealed the speed at which hackers are uncovering vulnerabilities in critical infrastructure. Security company Cybereason built a ‘honeypot’ designed to look like an electricity company with operations across Europe and North America. The network was made to ...
- Gamaredon hackers use Outlook macros to spread malware to contacts
June 11, 2020
New tools attributed to the Russia-linked Gamaredon hacker group include a module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts. The threat actor disables protections for running macro scripts in Outlook and to plant the source file for the spearphishing attacks that spread malware to other victims. Gamaredon ...
- Hackers breached A1 Telekom, Austria’s largest ISP
June 11, 2020
A1 Telekom, the largest internet service provider in Austria, has admitted to a security breach this week, following a whistleblower’s exposé. The company admitted to suffering a malware infection in November 2019. A1 said its security team detected the malware a month later, but that removing the infection was more problematic than it initially anticipated. From December ...
- City of Knoxville shuts down network after ransomware attack
June 11, 2020
The City of Knoxville, Tennessee, was forced to shut down its entire computer network following a ransomware attack that took place overnight and targeted the city’s offices. Knoxville has a population of over 180,000, it’s Tennessee’s third-largest city after Nashville and Memphis, and it’s also part of the Knoxville Metropolitan Statistical Area, with a reported population of almost 870,000 in 2015. Read ...