Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific

Chinese 'Tropic Trooper' APT Targets Mideast Governments

In the past, the group has targeted different sectors in East and Southeast Asia, but recently has pivoted its focus to the Middle East, specifically to entities that publish human rights studies.

Dark Reading Staff, Dark Reading

September 5, 2024

1 Min Read
Blue code on a black screen creating the shape of a skull
Source: James Thew via Alamy Stock Photo

An investigation into a China-linked advanced persistent threat (APT) group known as Tropic Trooper has revealed an espionage campaign targeting government entities in the Middle East.

The effort has been ongoing since June 2023, but the group itself has been active since 2011 and has a history of targeting government, healthcare, transportation, and high-tech sectors in Taiwan, the Philippines, and Hong Kong.

Now, however, Tropic Trooper has switched up its focus, targeting government entities that specifically publish human rights studies in the Middle East related to the Israel-Hamas war. Researchers at Kaspersky discovered the onslaught in June, after finding a new China Chopper Web shell variant on a public Web server hosting Umbraco, an open source content management system. 

After further investigation, the researchers discovered multiple malware sets on the public server, including post-exploitation tools, Web shells, and DLL search-order hijacking implants. The attack chain was designed to ultimately deliver a malware implant known as Crowdoor, the researchers concluded.

Read more about:

DR Global Middle East & Africa

About the Author

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

A laptop screen showing a blue screen of death
Сloud Security
2 Zero-Day Bugs in Microsoft's Nov. Update Under Active Exploit2 Zero-Day Bugs in Microsoft's Nov. Update Under Active Exploit
byJai Vijayan, Contributing Writer
Nov 12, 2024
6 Min Read
Red ZERO-DAY text amid yellow binary code
Cyberattacks & Data Breaches
Zero-Days Win the Prize for Most Exploited VulnsZero-Days Wins the Prize for Most Exploited Vulns
byDark Reading Staff
Nov 13, 2024
1 Min Read
Citrix logo on company building
Сloud Security
Citrix Patches Zero-Day Recording Manager BugsCitrix Patches Zero-Day Recording Manager Bugs
byJai Vijayan, Contributing Writer
Nov 12, 2024
5 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers
Events
More Events