A new malware developed by China is on the prowl on the web and is seen targeting Japanese companies for now. According to a research carried out by NTT Security, Flagpro is in the wild from Oct’20 and was found targeting companies operating in defense technologies, media and communication sectors.
BlackTech Cyber Espionage APT group linked to Chinese intelligence was found distributing Flagpro in two stages via Phishing emails. First it sneaks into the network to evaluate the target defense-line and then a second stage malware is then induced and executed to conduct espionage, data steal and such.
BlackTech, a connected wing of another APT group dubbed WaterBear, was seen targeting computing device manufactures from Taiwan who was into the manufacturing of devices such as tablets, laptops and processor embedded smart TVs.
It first targeted the manufacturing segments of computing devices and tried its best to get into the network and then to the newly manufactured products.
Trend Micro tracked down the Flagpro malware developed by BlackTech in 2017 and found that its initial focus was on Taiwan and then spread to Japan and Hong Kong.
Cybersecurity Researchers from NTT also discovered that BlackTech has already invested a team of developers in devising new malware and Spider RAT and SelfMake Loader are the latest ones to be doing rounds on the web from the past few weeks.