Chinese ‘Tropic Trooper’ APT Targets Mideast Governments

Share This Post

An investigation into a China-linked advanced persistent threat (APT) group known as Tropic Trooper has revealed an espionage campaign targeting government entities in the Middle East.

The effort has been ongoing since June 2023, but the group itself has been active since 2011 and has a history of targeting government, healthcare, transportation, and high-tech sectors in Taiwan, the Philippines, and Hong Kong.

Now, however, Tropic Trooper has switched up its focus, targeting government entities that specifically publish human rights studies in the Middle East related to the Israel-Hamas war. Researchers at Kaspersky discovered the onslaught in June, after finding a new China Chopper Web shell variant on a public Web server hosting Umbraco, an open source content management system. 

After further investigation, the researchers discovered multiple malware sets on the public server, including post-exploitation tools, Web shells, and DLL search-order hijacking implants. The attack chain was designed to ultimately deliver a malware implant known as Crowdoor, the researchers concluded.

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt5d14bc32038587c8/66da05ec670b1c01e6eac5b1/malware1800_James_Thew_alamy.jpg?disable=upscale&width=1200&height=630&fit=crop

This post was originally published on this site

More Articles

Article

Navigating SEC Regulations In Cybersecurity And Incident Response

Free video resource for cybersecurity professionals. As 2024 approaches, we all know how vital it is to keep up to date with regulatory changes that affect our work. We get it – it’s a lot to juggle, especially when you’re in the trenches working on an investigation, handling, and responding to incidents.