← threatfilter.dev / all groups / Whitefly
Whitefly
Overview
Whitefly is a cyber espionage group that has been operating since at least 2017. The group has targeted organizations based mostly in Singapore across a wide variety of sectors, and is primarily interested in stealing large amounts of sensitive information. The group has been linked to an attack against Singapore’s largest public health organization, SingHealth.
TTPs — 9 techniques across 6 tactics
Resource Development
-
T1588.002Tool
Execution
-
T1059Command and Scripting Interpreter -
T1204.002Malicious File
Privilege Escalation
Stealth
-
T1027.013Encrypted/Encoded File -
T1036.005Match Legitimate Resource Name or Location -
T1574.001DLL
Credential Access
-
T1003.001LSASS Memory
Command and Control
-
T1105Ingress Tool Transfer
Tools & malware (1)
Mimikatz