
SPEAKER

Silvia Yeh

TeamT5 Cyber Threat Intelligence Team / Cyber Threat Analyst

Silvia Yeh works as a Cyber Threat Analyst on the TeamT5 CTI team. Her research interests include OSINT, China's cyber policies, and Advanced Persistent Threats (APTs) and Information Operations targeting the APAC region. She has given presentations at international conferences including Black Hat Asia, SANS CTI Summit 2022, CODE BLUE 2021, and HITCON Pacific 2021.

Speech

Threat Research Forum

SEP 22

Threat Intelligence: APT41's New Subgroup? Dissecting Chinese APT "Tianwu" Latest Operations in the APAC Region

09/22 (Thu) 09:30 - 10:00 4F 4A
TeamT5 Cyber Threat Intelligence Team / Cyber Threat Analyst / Silvia Yeh
TeamT5 Cyber Threat Intelligence Team / Cyber Security Researcher / Leon Chang

APT41 (aka Winnti, Amoeba) is a notorious Chinese APT group. In recent years, the TeamT5 CTI team has observed that the group has developed into multiple subgroups and poses a serious threat to companies in the APAC region. In this talk, we will cover an emerging Chinese APT group named "Tianwu," which was first spotted in 2020. We found several TTP overlaps between Tianwu and APT41. Tianwu's proprietary tool, Pangolin8RAT, is a modular trojan that supports at least 8 communication protocols. Our talk will also provide our outlook on the group's future development as well as actionable intelligence for enterprises.