Suspected Chinese Cyber Espionage Group (TEMP.Periscope) Targeting U.S. Engineering and Maritime Ind

Faybert
Thread author
Jan 8, 2017
Intrusions Focus on the Engineering and Maritime Sector
Since early 2018, FireEye (including our FireEye as a Service (FaaS), Mandiant Consulting, and iSIGHT Intelligence teams) has been tracking an ongoing wave of intrusions targeting engineering and maritime entities, especially those connected to South China Sea issues. The campaign is linked to a group of suspected Chinese cyber espionage actors we have tracked since 2013, dubbed TEMP.Periscope. The group has also been reported as “Leviathan” by other security firms.
..
..
TTPs and Malware Used
In their recent spike in activity, TEMP.Periscope has leveraged a relatively large library of malware shared with multiple other suspected Chinese groups. These tools include:

  • AIRBREAK: a JavaScript-based backdoor also reported as “Orz” that retrieves commands from hidden strings in compromised webpages and actor-controlled profiles on legitimate services.
  • BADFLICK: a backdoor that is capable of modifying the file system, generating a reverse shell, and modifying its command and control (C2) configuration.
.....
.....
.....
