China Chopper: The China Chopper tool, which was previously used in “Operation Soft Cell” against the telecommunications industry, is still being used. Used by groups such as China-sponsored APT10 and Leviathan, the web shell has been around for approximately nine years. The tool allows malicious actors to remotely control a targeted system through a client-side application that contains all the logic required to control the target. The first attack seen with China Chopper stole confidential documents from a server, and the second attack deployed ransomware. This tool was originally used by state-sponsored actors, and over the years more and more nation-state and cybercriminal groups have started to use it. Though the threat landscape is constantly changing, some things continue to work no matter their age.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is