Malware used by attack group BlackTech after intrusion
released on 2019-09-03 @ 11:11:08 AM
The previous JPCERT / CC Eyes explained the malware TSCookie and PLEAD used by the attack group BlackTech, but this attack group continues to be active. JPCERT / CC research confirms that if this attacker enters the network, it uses a variant that behaves slightly different from the TSCookie described above.