WIP19 targets IT service providers and telcos with custom malware

Threat Level
Actor Report

Summary

WIP19, a Chinese APT group, is using legitimate and stolen certificates to sign malware such as SQLMaggie, ScreenCap, and a credential dumper, which it then uses to target telecommunications and IT services organizations in Asia and the Middle East.
