Posted by Martijn Grooten on Nov 28, 2019
The global nature of both the Virus Bulletin conference and APT threats was highlighted by a VB2019 paper by Lion Gu and Bowen Pan of the Qi An Xin Threat Intelligence Center in China.
In their paper, the researchers analysed an APT group dubbed 'Poison Vine', which targeted various government, military and research institutes in China. This group, whose activities go back almost 12 years, doesn't use particularly advanced techniques and relies on publicly available RATs and patched vulnerabilities. The researchers don't comment on the group's origins, but note the use of traditional Chinese and an interest in Cross-Strait relations.
Today we publish the researchers' paper in both HTML and PDF format. We have also uploaded the video of Bowen's VB2019 presentation to our YouTube channel.