APT10 Targeting Japanese Corporations Using Updated TTPs
In July 2018, FireEye devices detected and blocked what appears to
be APT10 (Menupass) activity targeting the Japanese media sector.
APT10 is a Chinese cyber espionage group that FireEye has tracked
since 2009, and they have a history of targeting
In this campaign, the group sent spear phishing emails containing
malicious documents that led to the installation of the UPPERCUT
backdoor. This backdoor is well-known in the security community as ANEL,
and it used to come in beta or RC (release candidate) until recently.
Part of this blog post wil...