The BlackTech cyber-espionage APT group has been detected targeting Japanese companies using malware that researchers call ‘Flagpro’.
The malicious actor uses Flagpro in the first phase for network reconnaissance, to assess the target environment, and download second-stage malware and execute it.
According to the NTT Security report, Flagpro has been used against Japanese companies for more than a year, since at least October 2020. The most recent sample researchers can find is from July 2021. Targeted businesses come from a variety of industries, including defense technology, media, and communications.
Read More: bleepingcomputer