VMTech

Tropic Trooper uses trojanized SumatraPDF and GitHub for AdaptixC2

Colleagues, security alert: Tropic Trooper distributes AdaptixC2 via a trojanized SumatraPDF.

- Zscaler ThreatLabz: the ZIP lure shows a decoy reader and drops encrypted shellcode; the TOSHIS loader (Xiangoop variant) deploys the agent.
- AdaptixC2 uses GitHub as a C2 channel; upon identifying high-value targets, operators deploy VS Code and configure VS Code Tunnels for access. Staging servers also hosted Cobalt Strike and EntryShell.

Why it matters: abusing legitimate applications and public services complicates detection and increases the risk of prolonged compromise.

How are we strengthening defenses against such supply-chain and service-abuse chains?

#cybersecurity #ThreatIntelligence #APT #DevSecOps
