Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Ambitious Attacks Against High Level Targets Continue

Symantec Threat Intelligence: Thrip: Ambitious Attacks Against High Level Targets Continue

Since Symantec first exposed the Thrip group in 2018, the stealthy China-based espionage group has continued to mount attacks in South East Asia, hitting military organisations, satellite communications operators, and a diverse range of other targets in the region.

The group has attacked at least 12 organisations, all located within South East Asia. Its targets have been located in Hong Kong, Macau, Indonesia, Malaysia, the Philippines, and Vietnam.

A diverse range of targets have been attacked over the past year, most notably military targets in two different countries. It has also attacked organisations in the maritime communications, media, and education sectors.

One of the most alarming discoveries we made in our original Thrip research was that the group had targeted a satellite communications operator and seemed to be interested in the operational side of the company, looking for and infecting computers running software that monitored and controlled satellites. Significantly, Thrip has continued to target organisations in the satellite communications sector, with evidence of activity dating to as recently as July 2019.

Much of this recent activity was uncovered by Symantec following the discovery of a Thrip tool, a backdoor called Hannotog which appears to have been used since at least January 2017. It was first detected in an organisation in Malaysia, where it triggered an alert for suspicious WMI activity with our Targeted Attack Analytics (TAA) technology, available in Symantec Endpoint Detection and Response (EDR).


Figure 1. Hannotag was first discovered when it triggered a Targeted Attack Analytics (TAA) alert for suspicious WMI activity

To read the full report please visit https://www.symantec.com/blogs/threat-intelligence/thrip-apt-south-east-asia


ends

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

Reserve Bank: Official Cash Rate Unchanged At 1 Percent

The Monetary Policy Committee has decided to keep the Official Cash Rate (OCR) at 1.0 percent. Employment remains around its maximum sustainable level while inflation remains below the 2 percent target mid-point but within our target range... More>>

ALSO:

Food Prices: Avocados At Lowest Price In Almost Three Years

Avocados are at their cheapest average price since February 2017, with tomato, lettuce, and cucumber prices also falling, Stats NZ said today. More>>

Auckland Port Move: Cabinet Ministers Deliberate On Report

Cabinet ministers now have a copy of a report urging the government to move the Auckland port up north, but say no final decisions have been made. More>>

ALSO:

Toxicology Tests Planned: Dead Rats Washed Up On Beaches

As many as 600 rats washed up on Westport's North Beach over the weekend to the horror of locals. DOC said they may have been killed by a recent 1080 poison drop 140km away and washed down the Buller River after heavy rain battered the coast. More>>

ALSO: