State of the Hack

State of the Hack discusses the latest in information security, digital forensics, incident response, cyber espionage, APT attack trends, and tales from the front lines of significant targeted intrusions.


S2E06: APT41 - Double Dragon: The Spy Who Fragged Me

Updated about 1 year ago.

This is our APT group graduation party for APT41: Double Dragon, a group conducting both Chinese state-sponsored espionage activity and personal, financially motivated activity. You've read the report* and on this episode, Christopher Glyer and Nick Carr go behind the scenes with two technical experts, Jackie O'Leary and Ray Leong, who worked for months to produce the report. We answer viewer questions and discuss sifting through years of incident response data, peppered with Glyer's IR war stories, and fascinating malware and techniques analyzed by our reverse engineers in FLARE. Ray and Jackie share their experiences with the threat group and the challenges of the graduation process. We cover what makes the group sophisticated and deep-dive on their supply chain attacks & guardrails, passive & cross-platform backdoors, rootkits & bootkits, use of legitimate services, and third-party access via TeamViewer.