WorldAsia-OceaniaCyberespionage against high-profile organisations in Asia-Pacific

Cyberespionage against high-profile organisations in Asia-Pacific

Type of event:
Cyberespionage
Threat LensTechnologyWorldAsia-Oceania
By Michele Calicchio

Victims

Wounded

Date

July 18, 2024

What happened

A new group, TAG-100, is targeting high-level government and private organizations in the Asia-Pacific region with a cyberespionage campaign. They use open source remote access tools and various devices connected to the Internet to access networks initially. Researchers from the Insikt Group of Recorded Future discovered the group but failed to attribute the activity to a specific country. The victims include diplomatic, intergovernmental, religious and political entities in countries such as Cambodia, Djibouti, Indonesia, Taiwan and the United States. TAG-100 used Pantegana and SparkRAT backdoors to compromise systems, leveraging products from Citrix, Microsoft, and Cisco. The use of open source tools facilitates the involvement of proxy groups or private contractors.

Where it happened

Main sources

https://therecord.media/tag-100-espionage-hacking-backdoors-asia-pacific?utm_medium=email&_hsenc=p2ANqtz-94LMJehGEZC-NpJULkgMX7NJvQgluEuz2xmjjZTXwerthymv9qs0Xvn9rygOMda2-4Vq5XEujBp4dMA5Jlci-L9hA9hx2x96V-lqRjPR6syfQMSmY&_hsmi=316362750&utm_content=316362207&utm_source=hs_email

Join us on Linkedin and Facebook

Our team provides you with information on a wide range of unconventional events threatening people and State security worldwide.
The GAT-REPORT is realised by the Observatory on Security and CBRNE Defence - OSDIFE, the University of Rome "Tor Vergata", Department of Electronic Engineering - DIE and the State University of Republic of San Marino, Center for Security Studies – CUFS, and the European Centre for Disaster Medicine – CEMEC.

CC licence by OSDIFE. Some rights reserved. Attribution-NonCommercial-NoDerivatives 4.0 International