Category: INFOSEC

• More Flagpro, More Problems

  

  No stranger to this blog, BlackTech has continued to modify techniques to compromise networks and even suffered an OPSEC slip in the way of an open directory. This post will cover a malicious document similar to that identified by [1] PWC and [2] NTT in the previous reporting on the group. While I cannot definitively […]

  Mike

  December 12, 2021

  INFOSEC

  APT, BlackTech, Malware

• BlackTech Updates Elf-Plead Backdoor

  

  Overview On November 10, 2020, JPCert[1] published a blog post in Japanese (the English version followed about a week later), providing an overview of BlackTech’s PLEAD backdoor, referred to as “ELF_PLEAD”, specifically targeting *nix systems. In late March 2021, Intezer[2] tweeted a hash of what was described as a fully undetectable (FUD) version of ELF_PLEAD. […]

  Mike

  February 11, 2021

  INFOSEC