Director of the Threat Research department at ESET
Jean-Ian Boutin is the Director of the Threat Research department at ESET. Boutin investigates trends in malware, reverse-engineers binaries and finds effective techniques to counter new threats. He has presented at several security conferences, including RSA, Black Hat, REcon, BlueHat, Virus Bulletin, and ZeroNights.
In recent years, Chinese-aligned threat actors have intensified their cyberoperations against European countries, targeting both private and public sectors. This presentation will begin with statistics highlighting the most targeted sectors and the initial access techniques predominantly exploited by these actors. We will then provide an overview of two prominent cases—one affecting the private sector and the other targeting EU governments. First, we will examine Mustang Panda's extension of operations from Asia to Europe in the past few years, emphasizing their recent attacks on the European shipping industry, some of which were executed using traditional USB stick-based methods. Next, we will delve into PerplexedGoblin, a group linked to APT31. We will discuss their sophisticated campaigns against EU governments, with a focus on their use of advanced techniques such as bring your own vulnerable binaries, known as vulnbins, and shellcode-based malware. In conclusion, we will offer insights into the future landscape of Chinese cyberthreats and strategies for defense. By analyzing these cases, we aim to enhance understanding of the persistent and evolving menace posed by Chinese cyberactors in Europe.