← Back to Actors
BlackTech
BlackTechPalmerworm
[BlackTech](https://attack.mitre.org/groups/G0098) is a suspected Chinese cyber espionage group that has primarily targeted organizations in East Asia--particularly Taiwan, Japan, and Hong Kong--and the US since at least 2013. [BlackTech](https://attack.mitre.org/groups/G0098) has used a combination of custom malware, dual-use tools, and living off the land tactics to compromise media, construction, engineering, electronics, and financial company networks.(Citation: TrendMicro BlackTech June 2017)(Citation: Symantec Palmerworm Sep 2020)(Citation: Reuters Taiwan BlackTech August 2020)
14
Techniques
13
Covered
1
Gaps
93%
Coverage
Coverage13/14
COVERED (13)
T1021.004SSH34 det.T1036.002Right-to-Left Override6 det.T1046Network Service Discovery51 det.T1106Native API29 det.T1190Exploit Public-Facing Application216 det.T1203Exploitation for Client Execution75 det.T1204.001Malicious Link10 det.T1204.002Malicious File425 det.T1566.001Spearphishing Attachment905 det.T1566.002Spearphishing Link904 det.T1574.001DLL109 det.T1588.002Tool13 det.T1588.004Digital Certificates1 det.