In this session, we'll be talking about an APT group that targets organizations in Taiwan: Tropic Trooper, which is dubbed "Earth Centaur" by Trend Micro. As our research shows, there has been a new wave of attacks from this group since July 2020. Multiple government agencies and transportation companies have been targeted. This group uses open-source frameworks to create customized backdoors (such as SmileSvr, ChiserClient, and Lilith RAT) specifically tailored to individual targets. Its TTPs indicate that this APT group is good at bypassing standard security products and is able to clean up its tracks after the attacks. According to our observation, this campaign has been going on for over a year now. We will give an overview of the attack chain of Earth Centaur and introduce the tools and malware it uses.
Ted Lee is a threat intelligence researcher with multiple years of experience in the cyber security industry. Currently, he is committed to APAC-based APT (Advanced Persistent Threat) research. His expertise includes cyber threat hunting and reverse engineering.
Vickie Su is a threat researcher at Trend Micro with expertise in reverse engineering, malware analysis, APT investigation, and threat intelligence.
Nick Dai is a threat researcher at Trend Micro with expertise in reverse engineering, malware analysis, APT investigation, and threat intelligence.