Joey Chen is working as a Cyber Threat Researcher for Trend Micro Incorporated in Taiwan. His major areas of research include incident response, APT investigation, malware analysis and cryptography analysis. He not only has been a speaker at DeepIntel, CODEBLUE, HITCON and CYBERSEC conference but also got 2018 Training Ambassador & Trainer price in TrendMicro. Now he is focusing on the security issues of target attack emerge threat and IOT systems.
Tropic Trooper is well aware that military or government organizations may have more robust security in their physically isolated environments (i.e., the use of biometrics or USB use in a quarantined machine before an air-gapped environment). The group then targets potentially unsecured related organizations that could serve as jumping-off points for attacks. For instance, we observed Tropic Trooper move from a military hospital to the military’s physically isolated network.
This talk provides an overview of the USB malware called USBferry and its capabilities, as well as the other tools used to infiltrate physically isolated environments. In addition, we will talk about their notable tactics in their attack scenario. Further details, including indicators of compromise (IoCs), can be read in the : https://blog.trendmicro.com/trendlabs-security-intelligence/tropic-troopers-back-usbferry-attack-targets-air-gapped-environments/