‘Tropic Trooper’ Reemerges to Target Transportation Outfits

Analysts warn that the attack group, now known as ‘Earth Centaur,’ is honing its attacks to go after transportation and government agencies.

They’ve been an active threat group since 2011, but a recent uptick in activity from Earth Centaur – previously known as Tropic Trooper – aimed specifically at transportation and government agencies is setting off alarm bells among experts.

Trend Micro researchers have been tracking Tropic Trooper’s resurgence, which began in July 2020 and has recently included troubling attempts to breach sensitive transportation-related data like flight schedules and financial planning documents.

The analysts were able to attribute the new Earth Centaur activity to Tropic Trooper after finding similar code in configuration decoding, they reported.

“Currently, we have not discovered substantial damage to these victims as caused by the threat group,” Trend Micro’s analysts explained. “However, we believe that it will continue collecting internal information from the compromised victims and that it is simply waiting for an opportunity to use this data.”

Earth Centaur’s Tricks

The group’s hallmark tactics, techniques and procedures (TTPs) include savvy red teamwork, the researchers noted. Earth Centaur is proficient at bypassing security and lingering undetected, the report added.

“Depending on

Read More: https://threatpost.com/tropic-trooper-transportation/177106/