 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
APT group: Blackwood| Names | Blackwood (ESET) | |
| Country |  China | |
| Motivation | Information theft and espionage | |
| First seen | 2018 | |
| Description | (ESET) Blackwood is a China-aligned APT group active since at least 2018, engaging in cyberespionage operations against Chinese and Japanese individuals and companies. Blackwood has capabilities to conduct adversary-in-the-middle attacks to deliver the implant we named NSPX30 through updates of legitimate software, and to hide the location of its command and control servers by intercepting traffic generated by the implant. | |
| Observed | Sectors: Manufacturing. Countries: China, Japan, UK. | |
| Tools used | NSPX30. | |
| Operations performed | Jan 2024 | Blackwood APT Group Has a New DLL Loader <https://blog.sonicwall.com/en-us/2024/01/blackwood-apt-group-has-a-new-dll-loader/> |
| Information | <https://www.welivesecurity.com/en/eset-research/nspx30-sophisticated-aitm-enabled-implant-evolving-since-2005/> | |
Last change to this card: 06 March 2024
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |