Targeting of high-value customers of an East Asian data-loss prevention company

Date of report

March 2023

Affiliations

Tick

Tick, a Chinese intelligence-aligned actor, compromised an internal update to the servers of a data-loss prevention company in order to deliver malware within the network. Tick packaged its malware as part of legitimate installers so that the malware was eventually executed on computers of the company’s customers.

Suspected victims

Two customers of an East Asian data-loss prevention company

Suspected state sponsor

China

Type of incident

Espionage

Target category

Private sector

Victim government reaction

Unknown

Policy response

Unknown

Suspected state sponsor response

Unknown

The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East Asia

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events