September 5, 2024 at 01:09PM
Tropic Trooper, a threat actor also known as APT23, Earth Centaur, KeyBoy, and Pirate Panda, has targeted government entities in the Middle East and Malaysia since June 2023. Kaspersky detected the campaign in June 2024; it used a new version of the China Chopper web shell and targeted human rights studies. The attack was ultimately unsuccessful.
Key takeaways:
1. A threat actor known as Tropic Trooper has been conducting a persistent cyber campaign targeting unnamed government entities in the Middle East and Malaysia since June 2023.
2. Tropic Trooper used a new version of the China Chopper web shell, hosted on a public web server, to orchestrate the attack.
3. The attack aimed to deliver a malware implant named Crowdoor, a variant of the SparrowDoor backdoor, but the effort was ultimately unsuccessful.
4. Tropic Trooper is known for targeting government, healthcare, transportation, and high-tech industries in Taiwan, Hong Kong, and the Philippines, and has close ties with another intrusion set tracked as FamousSparrow.
5. The significance of this intrusion lies in the sighting of a Chinese-speaking actor targeting a content management platform that published studies on human rights in the Middle East, specifically focusing on the situation around the Israel-Hamas conflict.