ESET researchers have uncovered a compromise of an East Asian data loss prevention (DLP) company. The attackers used at least three malware families during the intrusion, compromising both the company’s internal update servers and third-party tools that the company used. As a result, two of the company’s customers were subsequently compromised.
ESET attributes the campaign with high confidence to the Tick APT group. Based on Tick’s profile, the objective of the attack was most likely cyber espionage. The customer portfolio of the DLP company includes government and military entities, making the compromised company an especially attractive target for an APT group such as Tick.