@inversecos

Since I reside in a Five Eyes country (Australia) and have publicly presented four cases I led on China’s APT41 attacking organisations in ASEAN , particularly concerning China’s cyber and political strategies, I was curious to explore what China publishes about Five Eyes operations. This led me down a rabbit hole of research into TTPs that Chinese cybersecurity entities have attributed to the NSA – or, as they coin “APT-C-40”. These insights stem from extensive research I did on Weixin containing intelligence reports published by China’s Qihoo 360, Pangu Lab, and the National Computer Virus Emergency Response Center (CVERC). It is important to note that the authenticity and extent of these allegations remain unverified by independent sources. My goal in writing this blog is simply to aggregate and share what Chinese sources are publishing about NSA’s cyber operations (APT-C-40) to see if I could learn any new detection techniques or offensive techniques to research for fun.  As I ...