Security News > 2021 > December > ‘Tropic Trooper’ Reemerges to Target Transportation Outfits

They've been an active threat group since 2011, but a recent uptick in activity from Earth Centaur - previously known as Tropic Trooper - aimed specifically at transportation and government agencies is setting off alarm bells among experts.

The analysts were able to attribute the new Earth Centaur activity to Tropic Trooper after finding similar code in configuration decoding, they reported.

Credential dumping was another common tactic Trend Micro saw with the Tropic Troopers transportation campaign.

Tropic Trooper "Uses backdoors with different protocols, which are deployed depending on the victim," Trend Micro's researchers found.

The rise of the threat actor's interest in the transportation and government sector coincides with the November passage of the Infrastructure Deal, which promises gargantuan investments across the transportation sector, including $39 billion to modernize transit, $89.9 billion for public transit, $25 billion for airports, $66 billion in rail funding and much more.

Billions in cash are about to flood the transportation sector by way of the government, and Earth Centaur appears perfectly poised to cash in.

News URL

https://threatpost.com/tropic-trooper-transportation/177106/