Events
RSS

【BlackHat Asia】TeamT5 Will Give Talks on Notable APTs

4.25.2022TeamT5 Media Center
Share:
This year, Black Hat Asia is held online and in-person, May 10-13, 2022 in Singapore Time (UTC+8). Our analysts & researchers give 2 speeches on recent notable APTs.
One talk “To Loot or Not to Loot? That Is Not a Question When State-Nexus APT Targets Online Entertainment Industry” is given by Che Chang (Cyber Threat Analyst) and Charles Li (Chief Analyst).
This talk will focus on APT's targeted attack against online entertainment companies which have solid cash flow and a massive amount of personal data. In the talk, we will dissect more than 20 targeted attack operations TeamT5 has tracked since 2018. The analysis shows technical links between these targeted attacks and the infamous Chinese APT, including APT10 (aka menuPass), APT41 (aka Winnti, Amoeba), and APT27 (aka GreedyTaotie). The presentation will cover these attacks' Tactic Technique and Procedures (TTPs) as we have seen those APT groups adopt different TTPs aimed at the online entertainment industry. We believe that these APT attacks are the preliminary work of the Chinese government.
The other talk “The Next Gen PlugX/ShadowPad? A Dive into the Emerging China-Nexus Modular Trojan, Pangolin8RAT” is given by Silvia Yeh (Threat Intelligence Analyst) and Leon Chang (Threat Intelligence Researcher).
Since mid-2020, TeamT5 has detected a new modular trojan emerging in the APAC region which has the potential to be their successor. We name this trojan "Pangolin8RAT" because its PDB string contains "pangolin" and its RTTI contains "p8rat."
Its early features supported 8 communication protocols, including TCP, HTTPS, UDP, DNS, ICMP, HTTPSIPV6, WEB, and SSH. Pangolin8RAT has only been associated with a Chinese APT group we track as "Tianwu." In this talk, they will also give a brief attack timeline of Pangolin8RAT/Tianwu from 2020 to 2021 as well as our outlook on the group's future development.
About Black Hat Asia
Black Hat is the world’s leading information security event, and remains the best and biggest event of its kind. It provides attendees with cutting-edge security research, development and trends, and has the ability to define tomorrow’s information security landscape. Black Hat Asia is an Black Hat extended event which is held in Singapore annually.
https://uploads.teamt5.org/upload/original/20220412_Black-Hat-Asia-%E5%AE%A3%E5%82%B3_-facebook.jpg
4.25.2022TeamT5 Media Center
Share: