From gathering intelligence, using the right social engineering lures, and exploiting vulnerabilities to moving laterally within the network, targeted attacks have multifarious tools at their disposal. And like in a game of chess, they are the set pieces that make up their modus operandi.
Take for instance the self-named ChessMaster, a campaign targeting Japanese academe, technology enterprises, media outfits, managed service providers, and government agencies. It employs various poisoned pawns: malware-laden spear-phishing emails with decoy documents purporting to be legitimate. And beyond ChessMaster’s endgame and pawns, we also found red flags that allude to its links to APT 10, a.k.a. menuPass, POTASSIUM, Stone Panda, Red Apollo, and CVNX.
ChessMaster’s name is from pieces of chess/checkers/draughts we found in the resource section of the main backdoor they use against their targets: ChChes, which Trend Micro detects as BKDR_CHCHES.