1 article
The Chinese APT group Tropic Trooper has been observed deploying the AdaptixC2 post-exploitation framework through a malicious SumatraPDF installer distributed from a convincing lookalike site. Command-and-control communications are routed through GitHub's REST API, blending malicious traffic with the high-volume legitimate developer activity that most enterprises whitelist.