Also known as: Tailgator Team, Deputy Dog
Suspected attribution: China
Target sectors: U.S. government, and international law firms and information technology companies
Overview: Conducts network intrusion against targeted organizations.
Associated malware: BLACKCOFFEE
Attack vectors: The threat group took advantage of the ability to create profiles and post in forums to embed encoded CnC for use with a variant of the malware it used. This technique can make it difficult for network security professionals to determine the true location of the CnC, and allow the CnC infrastructure to remain active for a longer period.
IOC’s: Download from GitHub here.