Names | Roaming Tiger (ESET) Rotten Tomato (Sophos) CTG-7273 (SecureWorks) Bronze Woodland (SecureWorks) | |
Country | China | |
Motivation | Information theft and espionage | |
First seen | 2014 | |
Description | (Palo Alto) In late 2014, ESET presented an attack campaign that had been observed over a period of time targeting Russia and other Russian speaking nations, dubbed “Roaming Tiger”. The attack was found to heavily rely on RTF exploits and at the time, thought to make use of the PlugX malware family. | |
Observed | Countries: Belarus, Kazakhstan, Kyrgyzstan, Russia, Tajikistan, Ukraine, Uzbekistan. | |
Tools used | BBSRAT, Gh0st RAT, PlugX. | |
Operations performed | Aug 2015 | <https://unit42.paloaltonetworks.com/bbsrat-attacks-targeting-russian-organizations-linked-to-roaming-tiger/> |
Information | <http://2014.zeronights.org/assets/files/slides/roaming_tiger_zeronights_2014.pdf> |
Last change to this card: 10 August 2021
Download this actor card in PDF or JSON format
Previous: Riddle Spider
Next: Rocket Kitten, Newscaster, NewsBeef
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |