They’ve been an active threat group since 2011, but a recent uptick in activity from Earth Centaur – previously known as Tropic Trooper – aimed specifically at transportation and government agencies is setting off alarm bells among experts.
Trend Micro researchers have been tracking
Tropic Trooper’s resurgence, which began in July 2020 and has recently included troubling attempts to breach sensitive transportation-related data like flight schedules and financial planning documents.
The analysts were able to attribute the new Earth Centaur activity to Tropic Trooper after finding similar code in configuration decoding, they reported.
“Currently, we have not discovered substantial damage to these victims as caused by the threat group,” Trend Micro’s analysts explained. “However, we believe that it will continue collecting internal information from the compromised victims and that it is simply waiting for an opportunity to use this data.”
threatpost.com
