Platinum Group Unleashes New Titanium Backdoor
The advanced persistent threat (APT) group Platinum is using a new Windows backdoor dubbed Titanium to infiltrate and take over target systems. Active since at least 2009, Platinum has targeted various government, military, and political targets in the Asia-Pacific region, particularly in South and Southeast Asian countries. Platinum usually employs a multi-step infection sequence to install the Titanium payload, which can bypass simple anti-virus emulation engines. The Titanium backdoor hides in plain sight by disguising itself as security solutions, sound drivers, or software commonly used to create DVDs. Titanium can receive commands via text steganography hidden within PNG files to perform a wide range of tasks, including reading and writing any file on the file system, updating configuration parameters, and dropping and executing payloads.