← threatfilter.dev / all groups / Tropic Trooper

Tropic Trooper

Also known as: Pirate Panda · KeyBoy

Overview

Tropic Trooper is an unaffiliated threat group that has led targeted campaigns against targets in Taiwan, the Philippines, and Hong Kong. Tropic Trooper focuses on targeting government, healthcare, transportation, and high-tech industries and has been active since 2011.

Targets

Government · Military

Capabilities

Exploitation of public-facing / client applications — ATT&CK T1203
Custom malware/implant development — ATT&CK: 5 attributed custom malware families

TTPs — 40 techniques across 9 tactics

Tools & malware (6)

USBferry · ShadowPad · PoisonIvy · BITSAdmin · YAHOYAH · KeyBoy

Reporting (3)

Tropic Trooper’s Back: USBferry Attack Targets Air gapped Environments — Chen, J.
On-demand Webcast: CrowdStrike Experts on COVID-19 Cybersecurity Challenges and Recommendations — Busselen, M
Tropic Trooper’s New Strategy — Horejsi, J., et al

Overview

Targets

Capabilities

TTPs — 40 techniques across 9 tactics

Initial Access

Execution

Persistence

Stealth

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Tools & malware (6)

Reporting (3)