Antlion  (Back to overview)

Antlion is a Chinese state-backed advanced persistent threat (APT) group, who has been targeting financial institutions in Taiwan. This persistent campaign has lasted over the course of at least 18 months.

---

Associated Families

---

References

2022-02-06 ⋅ The Hacker News ⋅ Ravie Lakshmanan @online{lakshmanan:20220206:chinese:e5193ae, author = {Ravie Lakshmanan}, title = {{Chinese Hackers Target Taiwanese Financial Institutions with a new Stealthy Backdoor}}, date = {2022-02-06}, organization = {The Hacker News}, url = {https://thehackernews.com/2022/02/chinese-hackers-target-taiwanese.html}, language = {English}, urldate = {2022-02-09} } Chinese Hackers Target Taiwanese Financial Institutions with a new Stealthy Backdoor xPack

2022-02-03 ⋅ Symantec ⋅ Symantec Threat Hunter Team @online{team:20220203:antlion:f2f0600, author = {Symantec Threat Hunter Team}, title = {{Antlion: Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan}}, date = {2022-02-03}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/china-apt-antlion-taiwan-financial-attacks}, language = {English}, urldate = {2022-02-04} } Antlion: Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan MimiKatz xPack Antlion

2021-12-14 ⋅ Trend Micro ⋅ Nick Dai, Ted Lee, Vickie Su @online{dai:20211214:collecting:3d6dd34, author = {Nick Dai and Ted Lee and Vickie Su}, title = {{Collecting In the Dark: Tropic Trooper Targets Transportation and Government}}, date = {2021-12-14}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/l/collecting-in-the-dark-tropic-trooper-targets-transportation-and-government-organizations.html}, language = {English}, urldate = {2022-03-30} } Collecting In the Dark: Tropic Trooper Targets Transportation and Government ChiserClient Ghost RAT Lilith Quasar RAT xPack

---

Credits: MISP Project