vietnamTIN WOODLAWN
Objectives
Aliases
Tools
SUMMARY
TIN WOODLAWN is a targeted threat group, active since at least 2014, that CTU researchers assess with moderate confidence is operated or tasked by the Vietnamese government. It has targeted automotive manufacturers, media, non-governmental organizations, dissidents or social groups of interest to the Vietnamese government in Vietnam or overseas, and regional governance groups and national governments neighbouring Vietnam.
TIN WOODLAWN is technically capable and uses a range of techniques including template injection, obfuscated macros and steganography for malware delivery, memory-resident malware, use of native command line scripts for Cobalt Strike persistence, and non-standard command and control channels such as DNS and ICMP.
Contact Us
Contact us directly whether your organization needs immediate assistance or you want to discuss your incident readiness, response, and testing needs.