The Rancor group’s attacks use two primary malware families which are naming DDKONG and PLAINTEE. DDKONG is used throughout the campaign and PLAINTEE appears to be new addition to these attackers’ toolkit. Countries Unit 42 has identified as targeted by Rancor with these malware families include, but are not limited to Singapore and Cambodia.
Also known as
Rancor group, Rancor, Rancor Group, G0075, Rancor Taurus.
References
Actor metadata imported from Malpedia (Fraunhofer FKIE).