CYCRAFT PRESS RELEASE
TLP-White
DIGITAL FORENSICS
2020-04-15

APT Group Chimera - APT Operation Skeleton key Targets Taiwan Semiconductor Vendors

From what we found, even those who use VPNs are at risk, even more so than usual. Read below to see how and what to do about it.

“Taiwan is set to become the largest and fastest-growing semiconductor equipment maker in the world by increasing by 21.1 percent to reach US$12.31 billion.” -Taiwan News, July 2019

2019 was an excellent year for the Taiwan semiconductor industry; however, beneath this economic upturn, a digital chimera was slowly eating at it from within. Throughout 2019, multiple companies in the Taiwan high-tech ecosystem were victims of an advanced persistent threat (APT) attack.

APTs are professional cyber espionage actors that typically receive direction and support from nation-states and often target organizations (orgs) holding high-value information, such as those in national defense, finance, energy, or manufacturing.

Because these APT attacks share similar behavior profiles (similar adversarial techniques, tactics, and procedures, or TTPs) with each other and with previously documented cyberattacks, we assess with high confidence that these new attacks were conducted by the same foreign threat actor.

During our investigation, we dubbed this threat actor Chimera. “Chimera” stands for the synthesis of hacker tools that we’ve seen the group use, such as the skeleton key malware that contained code extracted from both Dumpert and Mimikatz — hence Chimera.
