Submitted by: Daryl Haegley, Director, Mission Assurance & Cyber Deterrence at Dod
A threat actor believed to be operating out of China has been targeting physically isolated military networks in Taiwan and the Philippines, Trend Micro reports.
Tracked as Tropic Trooper < https://www.securityweek.com/operation-tropic-trooper-hits-targets-taiwan-philippines-trend-micro > and KeyBoy, and active since at least 2011, the threat actor is known for the targeting of government, military, healthcare, transportation, and high-tech industries in Taiwan < https://www.securityweek.com/cyberspies-target-taiwan-government-energy-sector > , the Philippines, and Hong Kong.
Previously, the group was observed targeting victims with spear-phishing emails containing malicious attachments designed to exploit known vulnerabilities < https://www.securityweek.com/keyboy-abuses-popular-office-exploits-malware-delivery > , such as CVE-2017-0199
Thanks to =>
Mike Walsh from CyberX Labs
=> for forwarding