CN

BlackwoodBlackwood

Also known as: Blackwood

Origin
CN
Known aliases
1

Profile

Blackwood is a China-aligned APT group that has been active since at least 2018. They primarily engage in cyberespionage operations targeting individuals and companies in China, Japan, and the United Kingdom. Blackwood utilizes sophisticated techniques such as adversary-in-the-middle attacks to deliver their custom implant, NSPX30, through updates of legitimate software. They also have the capability to hide the location of their command and control servers by intercepting traffic generated by the implant.

Aliases· 1

Blackwood

References

  1. https://www.welivesecurity.com/en/eset-research/nspx30-sophisticated-aitm-enabled-implant-evolving-since-2005/
  2. https://blog.sonicwall.com/en-us/2024/01/blackwood-apt-group-has-a-new-dll-loader/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
BlackTech
Actor
Blackgear
Actor
APT30
Actor
Blacktail
Actor
APT41
Actor
BRONZE EDGEWOOD
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.