SYMBOLCOMMON_NAMEaka. SYNONYMS

Antlion  (Back to overview)


Antlion is a Chinese state-backed advanced persistent threat (APT) group, who has been targeting financial institutions in Taiwan. This persistent campaign has lasted over the course of at least 18 months.


Associated Families
win.xpack

References
2022-02-06The Hacker NewsRavie Lakshmanan
@online{lakshmanan:20220206:chinese:e5193ae, author = {Ravie Lakshmanan}, title = {{Chinese Hackers Target Taiwanese Financial Institutions with a new Stealthy Backdoor}}, date = {2022-02-06}, organization = {The Hacker News}, url = {https://thehackernews.com/2022/02/chinese-hackers-target-taiwanese.html}, language = {English}, urldate = {2022-02-09} } Chinese Hackers Target Taiwanese Financial Institutions with a new Stealthy Backdoor
xPack
2022-02-03SymantecSymantec Threat Hunter Team
@online{team:20220203:antlion:f2f0600, author = {Symantec Threat Hunter Team}, title = {{Antlion: Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan}}, date = {2022-02-03}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/china-apt-antlion-taiwan-financial-attacks}, language = {English}, urldate = {2022-02-04} } Antlion: Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan
MimiKatz xPack Antlion
2021-12-14Trend MicroNick Dai, Ted Lee, Vickie Su
@online{dai:20211214:collecting:3d6dd34, author = {Nick Dai and Ted Lee and Vickie Su}, title = {{Collecting In the Dark: Tropic Trooper Targets Transportation and Government}}, date = {2021-12-14}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/l/collecting-in-the-dark-tropic-trooper-targets-transportation-and-government-organizations.html}, language = {English}, urldate = {2022-03-30} } Collecting In the Dark: Tropic Trooper Targets Transportation and Government
ChiserClient Ghost RAT Lilith Quasar RAT xPack

Credits: MISP Project