Category: INFOSEC
-
More Flagpro, More Problems
No stranger to this blog, BlackTech has continued to modify its techniques to compromise networks and even suffered an OPSEC slip in the form of an open directory. This post will cover a malicious document similar to the one identified by [1] PWC and [2] NTT in previous reporting on the group. While I cannot definitively […]
-
BlackTech Updates Elf-Plead Backdoor
Overview: On November 10, 2020, JPCert[1] published a blog post in Japanese (the English version followed about a week later), providing an overview of BlackTech’s PLEAD backdoor, referred to as “ELF_PLEAD”, specifically targeting *nix systems. In late March 2021, Intezer[2] tweeted a hash of what was described as a fully undetectable (FUD) version of ELF_PLEAD. […]