Posted on Feb 28, 2020
PKPLUG is the name used by Palo Alto Networks’ Unit 42 team for a China-based threat actor engaged in cyber espionage. The actor uses both off-the-shelf and custom-made malware, and some of its infrastructure overlaps with that of other threat groups.
The group’s activities were detailed in a VB2019 paper by Unit 42’s Alex Hinchliffe, who described the playbook of this long-standing adversary. (A shorter version was published around the same time in a blog post.)
Have you carried out research that furthers our understanding of the threat landscape? Have you discovered a technique that helps in the analysis of malware? The Call for Papers for VB2020 in Dublin is open! Submit your abstract before 15 March for a chance to make it onto the programme of one of the most international threat intelligence conferences.