Posted by on May 4, 2020
Software that is endemic to a specific country or region has long been a popular attack vector, in particular among APT groups, who have a history of exploiting vulnerabilities in such software. Past VB conference papers have analysed attacks against InPage, popular in Pakistan, and against Hangul, widely used in South Korea.
Japan has also seen a number of targeted attacks against software popular in the country. Such attacks were the subject of a VB2019 paper by Shusei Tomonaga, Tomoaki Tani and colleagues from JPCERT/CC. In particular, they analysed attacks that leveraged vulnerabilities in three pieces of software: the Sanshiro spreadsheet software, the Ichitaro word processing software, and the SKYSEA asset management tool. Their paper also includes in overview of various APT groups' targeting of Japan.