Port 22

Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK

We found cyberespionage group TICK targeting critical systems and enterprises, attempting to steal information to benefit this APT group’s sponsor and endanger national security. In this research brief, we show the timeline of the group’s activities and malware development, as well as the technical analyses of the new malware families, modified tools, and upgraded malware routines.