← Back to Actors
BlackTech
BlackTechPalmerworm
[BlackTech](https://attack.mitre.org/groups/G0098) is a suspected Chinese cyber espionage group that has primarily targeted organizations in East Asia--particularly Taiwan, Japan, and Hong Kong--and the US since at least 2013. [BlackTech](https://attack.mitre.org/groups/G0098) has used a combination of custom malware, dual-use tools, and living off the land tactics to compromise media, construction, engineering, electronics, and financial company networks.(Citation: TrendMicro BlackTech June 2017)(Citation: Symantec Palmerworm Sep 2020)(Citation: Reuters Taiwan BlackTech August 2020)
14
Techniques
13
Covered
1
Gaps
93%
Coverage
Coverage13/14
COVERED (13)
T1021.004SSH31 det.T1036.002Right-to-Left Override6 det.T1046Network Service Discovery49 det.T1106Native API27 det.T1190Exploit Public-Facing Application208 det.T1203Exploitation for Client Execution71 det.T1204.001Malicious Link9 det.T1204.002Malicious File397 det.T1566.001Spearphishing Attachment850 det.T1566.002Spearphishing Link837 det.T1574.001DLL106 det.T1588.002Tool13 det.T1588.004Digital Certificates1 det.