PittyTiger is a threat group believed to operate out of China that uses multiple different types of malware to maintain command and control. (Citation: Bizeul 2014) (Citation: Villeneuve 2014)

Platform | Tactic | Technique | Description | Data Sources |
---|---|---|---|---|
Linux, macOS, Windows, AWS, GCP, Azure, SaaS, Office 365 | defense-evasion, persistence, privilege-escalation, initial-access | Valid Accounts | PittyTiger attempts to obtain legitimate credentials during operations. | AWS CloudTrail logs, Stackdriver logs, Authentication logs, Process monitoring |