BRONZE VINEWOOD
SUMMARY
BRONZE VINEWOOD has targeted legal, consulting, and software development organizations. CTU research also suggests that organizations that operate in government or defense supply chains, or that provide services to those organizations, are at increased risk from targeted threat groups like BRONZE VINEWOOD.
The group has used a range of tools for initial access, persistence, and lateral movement, including SQL injection, Trochilus RAT, HanaRat, and other malware. Stolen data has been compressed as RAR files and staged in Temp directories on compromised servers prior to exfiltration. The group uses a variety of command and control servers to make it harder to link BRONZE VINEWOOD intrusions. The group has also used public sites such as GitHub and Dropbox for command and control.
Threat Analysis: BRONZE VINEWOOD Uses HanaLoader to Target Government Supply Chain
Threat Analysis: BRONZE VINEWOOD Targets Supply Chains
Threat Analysis: DropboxAES Remote Access Trojan