Taipei / FIRSTCON, June 14, 2026 — TeamT5, a leading threat intelligence company, today delivered a presentation at the FIRSTCON on June 16, one of the world’s premier incident response and cybersecurity events. The session focused on cybercrime campaigns leveraging short-video platforms and cryptocurrency applications. TeamT5 also showcased its latest ThreatVision Cybercrime Intelligence offering, aimed at helping organizations stay ahead of threats and reduce potential financial and reputational damage.
TeamT5 Experts Analyze Emerging Cybercrime Tactics
Telegram has emerged as a major hub in the underground cybercrime ecosystem. In TeamT5’s talk, we will present firsthand observations from our analysis of how malware is advertised and sold in Chinese Telegram channels. As short‑video platforms and cryptocurrency apps gain popularity, we’ve seen threat actors increasingly exploit these trends to trick users into installing malicious software.
We will share two recent campaigns — one aimed at users in China and Malaysia, and another targeting South Korea — both of which distribute trojanized APKs masquerading as legitimate apps. By examining these operations, we aim to clarify how threat actors function in these regions and how they leverage trusted platforms to broaden their reach.
From Cybercrime to APT Threats: Anticipating Attack Risks with ThreatVision
Cybercrime is one of the most serious challenges facing the global digital economy. Many organizations remain constrained by the final stages of the Cyber Kill Chain, responding only after alerts are triggered. Built on TeamT5’s long-term threat research, ThreatVision Cybercrime Intelligence tracks criminal communities, ransomware activity, attack tools, and relevant APT-related infrastructure, techniques, and targeting shifts. It helps organizations identify risk signals earlier and support intelligence-driven defense planning.
ThreatVision monitors high-risk activity across the Deep & Dark Web, Telegram, criminal communities, and other underground sources. By analyzing ransomware activity, data leaks, criminal services, adversary behavior, and APT-related context where relevant, it turns fragmented signals into intelligence for risk assessment, threat hunting, incident investigation, and response planning.
- Deep & Dark Web and Cybercrime Community Monitoring: Tracks high-risk underground activity to identify operational risk signals and potential APT-related links .
- Intelligence Analysis and IoC Extraction: Turns cybercrime activity into contextual intelligence and actionable IoCs for investigation, response, and remediation.
Understanding Criminal Community Dynamics: ThreatVision Cybercrime Intelligence Enables Proactive Defense
Criminal communities, ransomware groups, and APT operations do not always have clear boundaries. Similar tools, infrastructure, or techniques may appear across operations with different objectives. ThreatVision Cybercrime Intelligence helps organizations connect these signals, track ransomware activity, data leaks, attack tools, and criminal ecosystem dynamics, and turn them into intelligence for risk assessment and defense planning.
- Expert In-depth Analysis: Provides context and supporting evidence beyond standard alerts.
- Adversary Profiling: Profiles ransomware groups and criminal ecosystems.
- Attack Techniques and Tactics: Tracks attack tools, technique changes, and target selection.
- Intelligence-driven Decision Making: Connects intelligence to operational risk and strategy development.
With ThreatVision Cybercrime Intelligence, organizations can identify risk signals earlier, guide defensive resources, accelerate investigations and threat hunting, and strengthen long-term cyber resilience.
About TeamT5
TeamT5 is a threat intelligence research team focused on the Asia-Pacific region. Leveraging Taiwan’s geographic position, language capabilities, and over two decades of research experience, TeamT5 specializes in the analysis of major threats such as APT activity and ransomware, providing regionally grounded threat intelligence to government, financial, and technology sectors.
With research at its core, TeamT5 continuously tracks the evolution of threat behavior and attack techniques, organizing complex activity into clear risk context. By monitoring both emerging and unknown threats and analyzing attacker behavior, TeamT5 helps organizations identify risks earlier, reduce exposure time, and strengthen preparedness. Research findings are shared across international security forums, while long-term partnerships are built on trust and practical collaboration.
- Media Inquiries & Business Partnerships: [email protected]