Taiwan Drone Makers Targeted by New Cyber Espionage Group: TIDRONE’s High-Flying Hacks!

Trend Micro is tracking a previously undocumented threat actor, TIDRONE, targeting Taiwan drone manufacturers in an espionage-driven cyber attack campaign.

3P
Published: September 9, 2024 6:09 amAdded: September 8, 2024 at 11:15 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

Drone manufacturers in Taiwan must be feeling like they’re stuck in an episode of Cyber Espionage: The Reality Show, thanks to our new friends from the Far East. Yes, TIDRONE’s got them in their crosshairs, and it’s not because they’re planning a drone racing league.

Key Points:

  • Unidentified Chinese-speaking threat actor named TIDRONE targets Taiwanese drone manufacturers.
  • Espionage-driven campaign with a focus on military-related industries.
  • Custom malware CXCLNT and CLNTEND, deployed via sideloaded rogue DLLs in Microsoft Word.
  • Potential supply chain attack due to common ERP software among victims.
  • Three-stage attack chain includes UAC bypass, credential dumping, and disabling antivirus products.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?