
@imp0rtp3
Another infosec enthusiast blog
Latest from the Blog
A Deep Dive Into SoWaT: APT31’s Multifunctional Router Implant
Executive Summary: APT31 has long been known to use Operational Relay Boxes (ORBs) and to compromise routers. This report examines in detail their only publicly known router implant, dubbed “SoWaT”. The implant is capable of functioning as a RAT, a tunnel and a proxy. Extensive verification and double-encryption procedures signal a TA trying to evade even the most capable defender. The implant’s…
Uncovering Tetris – a Full Surveillance Kit Running in your Browser
Executive Summary: A Chinese state-sponsored threat actor is targeting Chinese-speaking opposition through waterholed websites. The campaign uses a modular and custom JS surveillance framework, dubbed “Tetris”, implementing a wide range of browser features. Almost all of Tetris’ components have zero AV detections. Tetris exploits vulnerabilities in 58 widely used websites, including Aliexpress, Baidu, QQ and Tmall. Three…