08:00 - 09:10

Registration

09:10 - 09:30

Guest Remarks & Opening

09:30 - 09:55

Event Introduction

09:55 - 10:40
10:40 - 10:55

Break

10:55 - 11:40
11:40 - 12:40

Lunch

12:40 - 13:25
13:25 - 13:40

Break

13:40 - 14:25
14:25 - 14:55

Tea Time

14:55 - 15:40
15:40 - 15:55

Break

15:55 - 16:40
16:40 - 16:55

Break

16:55 - 17:40
17:40 - 17:50

Closing

APT10 HUNTER RISE ver3.0: Repel new malware LODEINFO, DOWNJPIT and LilimRAT

First discovered in December 2019 by JPCERT/CC, LODEINFO is a fileless backdoor that was seen being delivered via spear-phishing emails to some Japanese organizations, such as the media, diplomatic organizations, public agencies, the defense sector, and a think tank. This malware is still being actively deployed in APT campaigns, as the new version v0.4.9 of LODEINFO was discovered in April 2021.

Kaspersky has been closely tracking the APT actor's activity using LODEINFO, and we have found previously undiscovered malware, such as DOWNJPIT and LILIM RAT, related to LODEINFO.

Through this presentation, I will share the investigation results of these two pieces of malware, which have yet to be reported on by the security community, and shed light on their association with previous activities by APT10.