Antlion (Threat Actor)

SYMBOL	COMMON_NAME	aka. SYNONYMS

Antlion (Back to overview)

Antlion is a Chinese state-backed advanced persistent threat (APT) group, who has been targeting financial institutions in Taiwan. This persistent campaign has lasted over the course of at least 18 months.

Associated Families

win.xpack

References

2022-02-06 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Chinese Hackers Target Taiwanese Financial Institutions with a new Stealthy Backdoor
xPack

2022-02-03 ⋅ Symantec ⋅ Symantec Threat Hunter Team
Antlion: Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan
MimiKatz xPack Antlion

2021-12-14 ⋅ Trend Micro ⋅ Nick Dai, Ted Lee, Vickie Su
Collecting In the Dark: Tropic Trooper Targets Transportation and Government
ChiserClient Ghost RAT Lilith Quasar RAT xPack APT23

Credits: MISP Project