216.73.216.86

Tropic Trooper spies on government entities in the Middle East

· Published 05/09/2024 15:54 · Modified 05/09/2024 16:17

Export JSON

Essential information

Published
05/09/2024 15:54
Modified
05/09/2024 16:17
Tags
2024-09-05 bypassgodzilla china chopper crowdoor fscan neo-regeorg swor umbraco cms web shell
Related entities
7 observables, 1 intrusion sets (apt), 19 techniques (mitre), 5 malware, 2 others

Description

Tropic Trooper, a Chinese-speaking APT group active since 2011, has expanded its operations to target government entities in the Middle East. The group deployed a new variant of the on a compromised server, along with other post-exploitation tools and backdoor implants. The attackers used DLL search-order hijacking to load malicious payloads, including a loader called . The campaign focused on cyber espionage, targeting systems related to human rights studies in the region. This marks a strategic shift for Tropic Trooper, previously known for targeting Southeast Asian countries.

External references