{"id":75261,"date":"2024-01-31T23:35:21","date_gmt":"2024-01-31T15:35:21","guid":{"rendered":"https:\/\/version-2.com\/?p=75261"},"modified":"2024-01-26T23:37:48","modified_gmt":"2024-01-26T15:37:48","slug":"eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2024\/01\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/","title":{"rendered":"ESET Research discovers new China-aligned APT group Blackwood that uses advanced implant to attack within China, Japan, and the UK"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"75261\" class=\"elementor elementor-75261\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-71ae5294 post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"71ae5294\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4a899f&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1e9119cd\" data-id=\"1e9119cd\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4f04f8cb elementor-widget elementor-widget-text-editor\" data-id=\"4f04f8cb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div id=\"content-c10205619\" class=\"frame frame-default frame-type-text frame-layout-0\"><div id=\"content-c10238030\" class=\"frame frame-default frame-type-text frame-layout-0\"><ul><li>ESET Research has discovered the NSPX30 implant being deployed via the update mechanisms of legitimate software, such as Tencent QQ, WPS Office, and Sogou Pinyin, and attributes this activity to a new China-aligned APT group ESET named Blackwood.\u00a0<\/li><li>ESET has detected the implant in targeted attacks against both Chinese and Japanese companies as well as against individuals located in China, Japan, and the United Kingdom. The aim of the attack is cyberespionage.<\/li><li>The implant was designed around the attackers\u2019 capability to conduct packet interception, enabling NSPX30 operators to hide their infrastructure.<\/li><\/ul><p><strong>BRATISLAVA, MONTREAL \u2014 January 24, 2024 \u2014<\/strong> ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, named Blackwood by ESET. Blackwood leverages adversary-in-the-middle techniques to hijack update requests from legitimate software to deliver the implant. It has carried out cyberespionage operations against individuals and companies from China, Japan, and the United Kingdom. ESET mapped the evolution of NSPX30 back to an earlier ancestor \u2013 a simple backdoor we have named Project Wood. The oldest sample found was compiled in 2005.<\/p><p>ESET Research named Blackwood and the backdoor Project Wood based on a recurring theme in a mutex name. A mutex, or mutual exclusion, is a synchronization tool used to control access to a shared resource. The Project Wood implant from 2005 appears to be the work of developers with experience in malware development, given the techniques implemented. ESET believes that the China-aligned threat actor we have named Blackwood has been operating since at least 2018. In 2020, ESET detected a surge of malicious activity on a targeted system located in China. The machine had become what is commonly referred to as a \u201cthreat magnet,\u201d as ESET Research detected attempts by attackers to use malware toolkits associated with multiple APT groups.<\/p><p>According to ESET telemetry, the NSPX30 implant was recently detected on a small number of systems. The victims include unidentified individuals located in China and Japan, an unidentified Chinese-speaking individual connected to the network of a high-profile public research university in the United Kingdom, a large manufacturing and trading company in China, and China-based offices of a Japanese corporation in the engineering and manufacturing vertical. ESET has also observed that the attackers attempt to re-compromise systems if access is lost.<\/p><p>NSPX30 is a multistage implant that includes several components, such as a dropper, an installer, loaders, an orchestrator, and a backdoor. Both of the latter components have their own sets of plugins that implement spying capabilities for several applications, such as Skype, Telegram, Tencent QQ, and WeChat, among others. It is also capable of allowlisting itself in several Chinese antimalware solutions. Using ESET telemetry, ESET Research determined that machines are compromised when legitimate software attempts to download updates from legitimate servers using the (unencrypted) HTTP protocol. Hijacked software updates include those for popular Chinese software, such as Tencent QQ, Sogou Pinyin, and WPS Office. The basic purpose of the backdoor is to communicate with its controller and exfiltrate collected data; it is capable of taking screenshots, keylogging, and collecting various information.<\/p><p>The attackers\u2019 capability for interception also allows them to anonymize their real infrastructure, as the orchestrator and the backdoor contact legitimate networks owned by Baidu to download new components or exfiltrate collected information. ESET believes that the malicious but legitimate-looking traffic generated by NSPX30 is forwarded to the real attackers\u2019 infrastructure by the unknown interception mechanism that also performs adversary-in-the-middle attacks.<\/p><p>\u201cHow exactly the attackers are able to deliver NSPX30 as malicious updates remains unknown to us, as we have yet to discover the tool that enables the attackers to compromise their targets initially,\u201d says ESET researcher Facundo Mu\u00f1oz, who discovered NSPX30 and Blackwood. \u201cHowever, based on our own experience with China-aligned threat actors who exhibit these capabilities, as well as recent research on router implants attributed to another China-aligned group, MustangPanda, we speculate that the attackers are deploying a network implant within the networks of the victims, possibly on vulnerable network appliances, such as routers or gateways,\u201d explains Mu\u00f1oz.<\/p><p>For more technical information about the new China-aligned APT group Blackwood and its latest NSPX30 implant, check out the blog post \u201c<a href=\"https:\/\/www.welivesecurity.com\/en\/eset-research\/nspx30-sophisticated-aitm-enabled-implant-evolving-since-2005\/\" target=\"_blank\" rel=\"noopener\">NSPX30: A sophisticated AitM-enabled implant evolving since 2005<\/a>.\u201d Make sure to follow <a href=\"https:\/\/twitter.com\/ESETresearch\" target=\"_blank\" rel=\"noopener\">ESET Research on Twitter (today known as X)<\/a> for the latest news from ESET Research.<\/p><p class=\"align-center\"><strong>Geographical distribution of Blackwood victims<\/strong><\/p><p class=\"align-center\"><strong><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/blackwood_press.png\" alt=\"\" width=\"800\" height=\"405\" \/><\/strong><\/p><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1a1b0f4 elementor-widget elementor-widget-shortcode\" data-id=\"1a1b0f4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18159\" class=\"elementor elementor-18159\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-73b4cd0 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"73b4cd0\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8d19c1e\" data-id=\"8d19c1e\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8865cce elementor-widget elementor-widget-text-editor\" data-id=\"8865cce\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About ESET<\/strong><br \/>For 30 years, ESET\u00ae has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET\u2019s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24\/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&amp;D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single \u201cin-the-wild\u201d malware without interruption since 2003.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>ESET Research has discovered the NSPX30 implant being d [&hellip;]<\/p>\n","protected":false},"author":149011790,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1273,40,61],"tags":[1272,41],"class_list":["post-75261","post","type-post","status-publish","format-standard","hentry","category-1273","category-eset","category-press-release","tag-1272","tag-eset"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>ESET Research discovers new China-aligned APT group Blackwood that uses advanced implant to attack within China, Japan, and the UK - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ESET Research discovers new China-aligned APT group Blackwood that uses advanced implant to attack within China, Japan, and the UK - Version 2\" \/>\n<meta property=\"og:description\" content=\"ESET Research has discovered the NSPX30 implant being d [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2024-01-31T15:35:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/blackwood_press.png\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/01\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"ESET Research discovers new China-aligned APT group Blackwood that uses advanced implant to attack within China, Japan, and the UK\",\"datePublished\":\"2024-01-31T15:35:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/01\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/\"},\"wordCount\":737,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/blackwood_press.png\",\"keywords\":[\"2024\",\"ESET\"],\"articleSection\":[\"2024\",\"ESET\",\"Press Release\"],\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/01\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/\",\"url\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/\",\"name\":\"ESET Research discovers new China-aligned APT group Blackwood that uses advanced implant to attack within China, Japan, and the UK - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/blackwood_press.png\",\"datePublished\":\"2024-01-31T15:35:21+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/blackwood_press.png\",\"contentUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/blackwood_press.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"ESET Research discovers new China-aligned APT group Blackwood that uses advanced implant to attack within China, Japan, and the UK\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"ESET Research discovers new China-aligned APT group Blackwood that uses advanced implant to attack within China, Japan, and the UK - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/","og_locale":"zh_HK","og_type":"article","og_title":"ESET Research discovers new China-aligned APT group Blackwood that uses advanced implant to attack within China, Japan, and the UK - Version 2","og_description":"ESET Research has discovered the NSPX30 implant being d [&hellip;]","og_url":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/","og_site_name":"Version 2","article_published_time":"2024-01-31T15:35:21+00:00","og_image":[{"url":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/blackwood_press.png","type":"","width":"","height":""}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"tracylamv2","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"5 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2024\/01\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"ESET Research discovers new China-aligned APT group Blackwood that uses advanced implant to attack within China, Japan, and the UK","datePublished":"2024-01-31T15:35:21+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2024\/01\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/"},"wordCount":737,"commentCount":0,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/blackwood_press.png","keywords":["2024","ESET"],"articleSection":["2024","ESET","Press Release"],"inLanguage":"zh-HK","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2024\/01\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/","url":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/","name":"ESET Research discovers new China-aligned APT group Blackwood that uses advanced implant to attack within China, Japan, and the UK - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/#primaryimage"},"image":{"@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/blackwood_press.png","datePublished":"2024-01-31T15:35:21+00:00","breadcrumb":{"@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/#primaryimage","url":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/blackwood_press.png","contentUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/blackwood_press.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-new-china-aligned-apt-group-blackwood-that-uses-advanced-implant-to-attack-within-china-japan-and-the-uk\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"ESET Research discovers new China-aligned APT group Blackwood that uses advanced implant to attack within China, Japan, and the UK"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/zh\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-jzT","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/75261","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=75261"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/75261\/revisions"}],"predecessor-version":[{"id":75265,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/75261\/revisions\/75265"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=75261"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=75261"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=75261"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}