WorldAsia-OceaniaCyberespionage against high-profile organisations in Asia-Pacific

Cyberespionage against high-profile organisations in Asia-Pacific

Type of event:
Cyberespionage

Victims

Wounded

Date

July 18, 2024

What happened

A new group, TAG-100, is targeting high-level government and private organizations in the Asia-Pacific region with a cyberespionage campaign. They use open source remote access tools and various devices connected to the Internet to access networks initially. Researchers from the Insikt Group of Recorded Future discovered the group but failed to attribute the activity to a specific country. The victims include diplomatic, intergovernmental, religious and political entities in countries such as Cambodia, Djibouti, Indonesia, Taiwan and the United States. TAG-100 used Pantegana and SparkRAT backdoors to compromise systems, leveraging products from Citrix, Microsoft, and Cisco. The use of open source tools facilitates the involvement of proxy groups or private contractors.

Where it happened

Main sources