[MART] - Daily Diary #611 - Earth Aughisky APT Group

[ctas-mat at appgate.com]

Hello,

I hope everyone is doing well!

Below is the entry for today.

10/10/2022 - Diary entry #611:

Earth Aughisky, also known as Taidoor, is a very active APT (Advanced Persistent Threat) group that has conducted cyberespionage campaigns for over a decade, aiming for specific targets from the government, telecom, manufacturing, heavy, technology, transportation, and healthcare sectors in Taiwan and, most recently, Japan.

During all these years in activity, Earth Aughisky employed many different backdoors such as SiyBot, TWTRAT, and DropNetClient (aka Buxzop) – all of them abuse different popular services such as Twitter and Dropbox for setting up their C2. The group was also linked to the activities of another APT tracked as Pitty Tiger (also known as APT24) and to a variety of malware families such as GrubbyRAT, K4RAT, LuckDLL, Serkdes, Taikite, and Talere.

That’s why APT groups differ from common threats. After gaining access, they focus on establishing a foothold for the long term. For that, they use different malware strains and tools for difficult attribution and evading security mechanisms.

Kind Regards,

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/logo@2x.png]<https://www.appgate.com/>

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>



MART

Malware Analysis and Research Team

Appgate

E: ctas-mat at appgate.com<mailto:ctas-mat at appgate.com>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/mart/attachments/20221011/329a8b7d/attachment.htm>