CINXE.COM

<!DOCTYPE HTML> <html lang="en-ZA">  <script type="text/javascript" src="https://cdn.cookielaw.org/consent/821060e3-3f9c-4a2f-8613-8e0db4841f79/OtAutoBlock.js"></script> <script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" type="text/javascript" charset="UTF-8" data-domain-script="821060e3-3f9c-4a2f-8613-8e0db4841f79"></script> <script type="text/javascript">function OptanonWrapper() { }</script>  <script type="text/javascript" src="/etc.clientlibs/clientlibs/granite/jquery.min.js"></script> <script type="text/javascript" src="/etc.clientlibs/clientlibs/granite/utils.min.js"></script> <script type="text/javascript"> if (typeof Granite !== "undefined" && Granite.I18n){ Granite.I18n.setLocale("en_za" || "en"); } </script> <head> <meta charset="UTF-8"/> <meta name="viewport" content="width=device-width, initial-scale=1"/> <meta name="description" content="We recently conducted an investigation into a malicious Android malware sample, which we believe can be attributed to the StrongPity APT group, that was posted on the Syrian e-Gov website. To the best of our knowledge, this is the first time that the group has been publicly observed using malicious Android applications as part of its attacks. "/> <meta name="robots" content="index,follow"/> <meta name="keywords" content="apt & targeted attacks,research,mobile,articles, news, reports"/> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/> <meta name="template" content="article1withouthero"/> <meta property="article:published_time" content="2021-07-21"/> <meta property="article:tag" content="apt & targeted attacks"/> <meta property="article:section" content="research"/> <link rel="icon" type="image/ico" href="/content/dam/trendmicro/favicon.ico"/> <link rel="canonical" href="https://www.trendmicro.com/en_za/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time.html"/> <title>StrongPity APT Group Deploys Android Malware for the First Time</title> <link href="https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600" rel="stylesheet"/> <link href="//customer.cludo.com/css/296/1798/cludo-search.min.css" type="text/css" rel="stylesheet"/> <link rel="stylesheet" href="/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css" type="text/css"> <link rel="stylesheet" href="/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/header-footer.min.css" type="text/css"> <script src="//tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.sync.js"></script> <meta property="og:url" content="https://www.trendmicro.com/en_za/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time.html"/> <meta property="og:title" content="StrongPity APT Group Deploys Android Malware for the First Time"/> <meta property="og:description" content="We recently conducted an investigation into a malicious Android malware sample, which we believe can be attributed to the StrongPity APT group, that was posted on the Syrian e-Gov website. To the best of our knowledge, this is the first time that the group has been publicly observed using malicious Android applications as part of its attacks. "/> <meta property="og:site_name" content="Trend Micro"/> <meta property="og:image" content="https://www.trendmicro.com/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-641.png"/> <meta property="og:locale" content="en_ZA"/> <meta name="twitter:card" content="summary_large_image"/> <meta name="twitter:site" content="@TrendMicro"/> <meta name="twitter:title" content="StrongPity APT Group Deploys Android Malware for the First Time"/> <meta name="twitter:description" content="We recently conducted an investigation into a malicious Android malware sample, which we believe can be attributed to the StrongPity APT group, that was posted on the Syrian e-Gov website. To the best of our knowledge, this is the first time that the group has been publicly observed using malicious Android applications as part of its attacks. "/> <meta name="twitter:image" content="https://www.trendmicro.com/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-641.png"/> <script>(window.BOOMR_mq=window.BOOMR_mq||[]).push(["addVar",{"rua.upush":"false","rua.cpush":"false","rua.upre":"false","rua.cpre":"false","rua.uprl":"false","rua.cprl":"false","rua.cprf":"false","rua.trans":"","rua.cook":"false","rua.ims":"false","rua.ufprl":"false","rua.cfprl":"false","rua.isuxp":"false","rua.texp":"norulematch","rua.ceh":"false","rua.ueh":"false","rua.ieh.st":"0"}]);</script> <script>!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config||{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams||{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="LJA84-589LU-SVNVV-WKPLQ-NBTC7",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n||"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e||d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement||a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp||(new Date).getTime()}if(!window.BOOMR||!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR||{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"LJA84-589LU-SVNVV-WKPLQ-NBTC7";var i=document.currentScript||document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR||{},BOOMR.plugins=BOOMR.plugins||{},!BOOMR.plugins.AK){var n=""=="true"?1:0,t="",a="bdpnbeqxgy4iaz2hz3ja-f-099d3e086-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"1340666","ak.ai":parseInt("807181",10),"ak.ol":"0","ak.cr":3,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"2c32ece1","ak.r":37669,"ak.a2":n,"ak.m":"a","ak.n":"essl","ak.bpcip":"8.222.208.0","ak.cport":54782,"ak.gh":"23.53.33.191","ak.quicv":"","ak.tlsv":"tls1.2","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1732759250","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==fP2tyT9Uhr1SjauhJFpMfI6Yivgl5+IsSFe4N20MrFq7q2lx/04u5sIu340avQX/sHQrsoI3tQQSR0+UHH14u4cYxwnjw3RPKeb94O8dhQONCgrNPOMooaItfn37RFpGA/qhqMoe9oZqqiuyUqlbpYnUcBnOnsFZ1+2A0YW6O02AafukJoWjIFE1dhfWEFPAuzShN5YAMV3e6Zpck0F9oG57pzPEshcrGKk02SMoxUaKb9WuMYOvIO0e5CIwrwpBoSpRVx30K+xZVA1R7zV+KogoLJp//RSCxu2HS8fjm70cJ4X1owTHsddn+lqz6ucIk26Xy/Ty0wlRviql5gcP8/BZVnpmRYMdddbQlXEV7SShRvd3QfWXvDW3fj+6eVUrANL3etWVSoZgwxLbuQyrDzJYhNAoDNZuRusxwD9Ll4E=","ak.pv":"34","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]||"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc","ak.t","ak.tf"];BOOMR.removeVar(e)}};BOOMR.plugins.AK={akVars:o,akDNSPreFetchDomain:a,init:function(){if(!r.i){var e=BOOMR.subscribe;e("before_beacon",r.av,null,null),e("onbeacon",r.rv,null,null),r.i=!0}return this},is_complete:function(){return!0}}}}()}(window);</script></head> <body class="articlepage page basicpage context-business">  <a id="page-scroll" title="VerticalPageScroll" href="javascript:jumpScroll($(this).scrollTop());"> <span class="icon-chevron-up"></span> </a>  <script type="text/javascript"> var utag_data = {"customer_cookie_type":"business","language_code":"en_za","page_name":"research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/en_za","category_id":"en_za/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time","page_type":"unknown","site_section":"research","post_author":"Zhengyu Dong|Mobile Threats Analyst,Fyodor Yarochkin|Sr. Threat Researcher,Steven Du|Threats Analyst","post_date":"2021-07-21"}; </script> <script type="text/javascript"> window.adobeDigitalData = typeof(window.adobeDigitalData) != "undefined" ? window.adobeDigitalData : []; window.adobeDigitalData.push( {"pageID":"b3c43f6b5cfc","articleTitle":"StrongPity APT Group Deploys Android Malware for the First Time","description":"We recently conducted an investigation into a malicious Android malware sample, which we believe can be attributed to the StrongPity APT group, that was posted on the Syrian e-Gov website. To the best of our knowledge, this is the first time that the group has been publicly observed using malicious Android applications as part of its attacks. ","thumbnailUrl":"/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-641.png","pageUrl":"https://www.trendmicro.com/en_za/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time.html","publishedDate":"2021-07-21","pageTag":"apt & targeted attacks","pageSection":"research","pageMedium":"articles, news, reports"} ); </script> <script type="text/javascript">(function(a,b,c,d){a='//tags.tiqcdn.com/utag/trendmicro/apaccms/prod/utag.js';b=document;c='script';d=b.createElement(c);d.src=a;d.type='text/java'+c;d.async=true;a=b.getElementsByTagName(c)[0];a.parentNode.insertBefore(d,a);})();</script> <div class="businessHeaderV1"> <div class="headerAssemblyV1"> <header class="page-header"> <nav> <div class="header-bar"> <div class="logo"> <a id="header-logo" href="/en_za/business.html"> <img src="/content/dam/trendmicro/global/en/core/images/logos/tm-logo-red-white-t.svg"/> <p>Business</p> </a> </div> <div class="inner-nav-wrapper"> <span class="material-symbols-outlined search-icon">search</span> <span class="material-symbols-outlined close-search-icon">close</span> <input type="checkbox" id="checkbox" class="hamburger-menu"/> <div aria-label="Menu" class="hamburger"></div> </div> </div> <div class="hamburger-wrapper"> <div class="mainNavMenuV1"><div class="mainNavMenu mainNavMenuV1"> <div class="list-wrapper inital-list-wrapper"> <ul class="menu nav-level-0"> <li>  <div class="label">Solutions</div> <ul class="sub-menu nav-level-1"> <li> <div class="label branch"> <a class="menu-link" href="/en_za/business/solutions/challenges.html">By Challenge</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/challenges.html">By Challenge</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">By Challenge</div> <a class="leaf-button color-d71920" href="/en_za/business/solutions/challenges.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/challenges/cyber-risk.html">Understand, Prioritise & Mitigate Risks</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Understand, Prioritise & Mitigate Risks</div> <p class="copy">Improve your risk posture with attack surface management</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/challenges/cyber-risk.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/challenges/cloud-native-applications.html">Protect Cloud-Native Apps</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Protect Cloud-Native Apps</div> <p class="copy">Security that enables business outcomes</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/challenges/cloud-native-applications.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/challenges/hybrid-cloud.html">Protect Your Hybrid World</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Protect Your Hybrid, Multi-Cloud World</div> <p class="copy">Gain visibility and meet business needs with security</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/challenges/hybrid-cloud.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/challenges/infrastructure-security.html">Securing Your Borderless Workforce</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Securing Your Borderless Workforce</div> <p class="copy">Connect with confidence from anywhere, on any device</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/challenges/infrastructure-security.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/challenges/network-security.html">Eliminate Network Blind Spots</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Eliminate Network Blind Spots</div> <p class="copy">Secure users and key operations throughout your environment</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/challenges/network-security.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/challenges/detection-response.html">See More. Respond Faster.</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">See More. Respond Faster.</div> <p class="copy">Move faster than your adversaries with powerful purpose-built XDR, attack surface risk management, and zero trust capabilities</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/challenges/detection-response.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/challenges/managed-services.html">Extend Your Team</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Extend Your Team. Respond to Threats Agilely</div> <p class="copy">Maximise effectiveness with proactive risk reduction and managed services</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/challenges/managed-services.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/challenges/zero-trust.html">Operationalising Zero Trust</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Operationalising Zero Trust</div> <p class="copy">Understand your attack surface, assess your risk in real time, and adjust policies across network, workloads, and devices from a single console</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/challenges/zero-trust.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="/en_za/business/solutions/role.html">By Role</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/role.html">By Role</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">By Role</div> <a class="leaf-button color-d71920" href="/en_za/business/solutions/role.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/role/ciso.html">CISO</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">CISO</div> <p class="copy">Drive business value with measurable cybersecurity outcomes</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/role/ciso.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/role/soc.html">SOC Manager</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">SOC Manager</div> <p class="copy">See more, act faster</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/role/soc.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/role/it-infrastructure-operations.html">Infrastructure Manager</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Infrastructure Manager</div> <p class="copy">Evolve your security to mitigate threats quickly and effectively</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/role/it-infrastructure-operations.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/role/cloud-developer.html">Cloud Builder and Developer</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Cloud Builder and Developer</div> <p class="copy">Ensure code runs only as intended</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/role/cloud-developer.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/role/cloud-operations.html">Cloud Security Ops</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Cloud Security Ops</div> <p class="copy">Gain visibility and control with security designed for cloud environments</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/role/cloud-operations.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="/en_za/business/capabilities/solutions-for.html">By Industry</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/capabilities/solutions-for.html">By Industry</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">By Industry</div> <a class="leaf-button color-d71920" href="/en_za/business/capabilities/solutions-for.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/capabilities/solutions-for/healthcare.html">Healthcare</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Healthcare</div> <p class="copy">Protect patient data, devices, and networks while meeting regulations</p> <a class="leaf-button color-d71920" href="/en_za/business/capabilities/solutions-for/healthcare.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/iot/ics-ot.html">Manufacturing</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Manufacturing</div> <p class="copy">Protecting your factory environments – from traditional devices to state-of-the-art infrastructures</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/iot/ics-ot.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/iot/ics-ot.html">Oil & Gas</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Oil & Gas</div> <p class="copy">ICS/OT Security for the oil and gas utility industry</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/iot/ics-ot.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/iot/ics-ot.html">Electric Utility</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Electric Utility</div> <p class="copy">ICS/OT Security for the electric utility</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/iot/ics-ot.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="https://vicone.com/en" target="_blank" rel="noopener noreferrer">Automotive</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Automotive</div> <a class="leaf-button color-d71920" href="https://vicone.com/en" target="_blank" rel="noopener noreferrer">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/iot/enterprise-5g-iot.html">5G Networks</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">5G Networks</div> <a class="leaf-button color-d71920" href="/en_za/business/solutions/iot/enterprise-5g-iot.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/small-business/platform.html">Small & Midsized Business Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Small & Midsized Business Security</div> <p class="copy">Stop threats with easy-to-use solutions designed for your growing business</p> <a class="leaf-button color-d71920" href="/en_za/small-business/platform.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li>  <div class="label">Platform</div> <ul class="sub-menu nav-level-1"> <li> <div class="label branch"> <a class="menu-link" href="/en_za/business/products/one-platform.html">Vision One Platform</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/one-platform.html">Vision One Platform</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="subtitle">Trend Vision One</div> <div class="title">Our Unified Platform</div> <p class="copy">Bridge threat protection and cyber risk management</p> <a class="leaf-button color-d71920" href="/en_za/business/products/one-platform.html">Learn more</a> </div> <div class="leaf-image"> <img src="/content/dam/trendmicro/global/en/core/images/console-images/navigation/trend-vision-one-laptop-console-nav.svg"/> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/technologies/ai-companion.html">AI Companion</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Trend Vision One Companion</div> <p class="copy">Your generative AI cybersecurity assistant</p> <a class="leaf-button color-d71920" href="/en_za/business/technologies/ai-companion.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/attack-surface-management.html">Attack Surface Management</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Attack Surface Management</div> <p class="copy">Stop breaches before they happen</p> <a class="leaf-button color-d71920" href="/en_za/business/products/attack-surface-management.html">Learn more</a> </div> <div class="leaf-image"> <img src="https://trendmicro.scene7.com/is/image/trendmicro/asrm-console-shot?scl=1.0&qlt=95&fmt=webp-alpha"/> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/detection-response/xdr.html">XDR (Extended Detection & Response)</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">XDR (Extended Detection & Response)</div> <p class="copy">Stop adversaries faster with a broader perspective and better context to hunt, detect, investigate, and respond to threats from a single platform</p> <a class="leaf-button color-d71920" href="/en_za/business/products/detection-response/xdr.html">Learn more</a> </div> <div class="leaf-image"> <img src="https://trendmicro.scene7.com/is/image/trendmicro/xdr-product-console-shot?scl=1.0&qlt=95&fmt=webp-alpha"/> </div> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="/en_za/business/products/hybrid-cloud.html">Cloud Security</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/hybrid-cloud.html">Cloud Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="subtitle">Trend Vision One™</div> <div class="title">Cloud Security Overview</div> <p class="copy">The most trusted cloud security platform for developers, security teams, and businesses</p> <a class="leaf-button color-d71920" href="/en_za/business/products/hybrid-cloud.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/detection-response/attack-surface-management.html">Attack Surface Risk Management for Cloud</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Attack Surface Risk Management for Cloud</div> <p class="copy">Cloud asset discovery, vulnerability prioritisation, Cloud Security Posture Management, and Attack Surface Management all in one</p> <a class="leaf-button color-d71920" href="/en_za/business/products/detection-response/attack-surface-management.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/detection-response/xdr.html">XDR for Cloud</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">XDR for Cloud</div> <p class="copy">Extend visibility to the cloud and streamline SOC investigations</p> <a class="leaf-button color-d71920" href="/en_za/business/products/detection-response/xdr.html">Learn more</a> </div> <div class="leaf-image"> <img src="https://trendmicro.scene7.com/is/image/trendmicro/xdr-product-console-shot?scl=1.0&qlt=95&fmt=webp-alpha"/> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/hybrid-cloud/cloud-one-container-image-security.html">Container Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Container Security</div> <p class="copy">Simplify security for your cloud-native applications with advanced container image scanning, policy-based admission control, and container runtime protection</p> <a class="leaf-button color-d71920" href="/en_za/business/products/hybrid-cloud/cloud-one-container-image-security.html">Learn more</a> </div> <div class="leaf-image"> <img src="https://trendmicro.scene7.com/is/image/trendmicro/cloud-one-container-console-shot?scl=1.0&qlt=95&fmt=webp-alpha"/> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/hybrid-cloud/cloud-one-file-storage-security.html">File Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">File Security</div> <p class="copy">Protect application workflow and cloud storage against advanced threats</p> <a class="leaf-button color-d71920" href="/en_za/business/products/hybrid-cloud/cloud-one-file-storage-security.html">Learn more</a> </div> <div class="leaf-image"> <img src="https://trendmicro.scene7.com/is/image/trendmicro/cloud-one-file-storage-console-shot?scl=1.0&qlt=95&fmt=webp-alpha"/> </div> </li> </ul> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="/en_za/business/products/endpoint-security.html">Endpoint Security</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/endpoint-security.html">Endpoint Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Endpoint Security Overview</div> <p class="copy">Defend the endpoint through every stage of an attack</p> <a class="leaf-button color-d71920" href="/en_za/business/products/endpoint-security.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/detection-response/xdr.html">XDR for Endpoint</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">XDR for Endpoint</div> <p class="copy">Stop adversaries faster with a broader perspective and better context to hunt, detect, investigate, and respond to threats from a single platform</p> <a class="leaf-button color-d71920" href="/en_za/business/products/detection-response/xdr.html">Learn more</a> </div> <div class="leaf-image"> <img src="https://trendmicro.scene7.com/is/image/trendmicro/xdr-product-console-shot?scl=1.0&qlt=95&fmt=webp-alpha"/> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/endpoint-security/workload-security.html">Workload Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Workload Security</div> <p class="copy">Optimised prevention, detection, and response for endpoints, servers, and cloud workloads</p> <a class="leaf-button color-d71920" href="/en_za/business/products/endpoint-security/workload-security.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/iot/industrial-endpoint-security.html">Industrial Endpoint Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Industrial Endpoint Security</div> <a class="leaf-button color-d71920" href="/en_za/business/products/iot/industrial-endpoint-security.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/user-protection/sps/mobile-security-enterprise.html">Mobile Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Mobile Security</div> <p class="copy">On-premises and cloud protection against malware, malicious applications, and other mobile threats</p> <a class="leaf-button color-d71920" href="/en_za/business/products/user-protection/sps/mobile-security-enterprise.html">Learn more</a> </div> <div class="leaf-image"> <img src="https://trendmicro.scene7.com/is/image/trendmicro/sps-mobile-security-enterprise-console-shot?scl=1.0&qlt=95&fmt=webp-alpha"/> </div> </li> </ul> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="/en_za/business/products/network.html">Network Security</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/network.html">Network Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Network Security Overview</div> <p class="copy">Expand the power of XDR with network detection and response</p> <a class="leaf-button color-d71920" href="/en_za/business/products/network.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/detection-response/xdr.html">XDR for Network</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">XDR for Network</div> <p class="copy">Stop adversaries faster with a broader perspective and better context to hunt, detect, investigate, and respond to threats from a single platform</p> <a class="leaf-button color-d71920" href="/en_za/business/products/detection-response/xdr.html">Learn more</a> </div> <div class="leaf-image"> <img src="https://trendmicro.scene7.com/is/image/trendmicro/xdr-product-console-shot?scl=1.0&qlt=95&fmt=webp-alpha"/> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/network/intrusion-prevention.html">Network Intrusion Prevention (IPS)</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Network Intrusion Prevention (IPS)</div> <p class="copy">Protect against known, unknown, and undisclosed vulnerabilities in your network</p> <a class="leaf-button color-d71920" href="/en_za/business/products/network/intrusion-prevention.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/network/advanced-threat-protection.html">Breach Detection System (BDS)</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Breach Detection System (BDS)</div> <p class="copy">Detect and respond to targeted attacks moving inbound, outbound, and laterally</p> <a class="leaf-button color-d71920" href="/en_za/business/products/network/advanced-threat-protection.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/network/zero-trust-secure-access.html">Secure Service Edge (SSE)</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Secure Service Edge (SSE)</div> <p class="copy">Redefine trust and secure digital transformation with continuous risk assessments</p> <a class="leaf-button color-d71920" href="/en_za/business/products/network/zero-trust-secure-access.html">Learn more</a> </div> <div class="leaf-image"> <img src="https://trendmicro.scene7.com/is/image/trendmicro/zero-trust-access-console-shot?scl=1.0&qlt=95&fmt=webp-alpha"/> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/iot/industrial-network-security.html">Industrial Network Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Industrial Network Security</div> <a class="leaf-button color-d71920" href="/en_za/business/products/iot/industrial-network-security.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/iot/enterprise-5g-iot.html">5G Network Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">5G Network Security</div> <a class="leaf-button color-d71920" href="/en_za/business/solutions/iot/enterprise-5g-iot.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="/en_za/business/products/email-security.html">Email Security</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/email-security.html">Email Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Email Security</div> <p class="copy">Stop phishing, malware, ransomware, fraud, and targeted attacks from infiltrating your enterprise</p> <a class="leaf-button color-d71920" href="/en_za/business/products/email-security.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/user-protection/sps/email-and-collaboration.html">Email and Collaboration Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="subtitle">Trend Vision One™</div> <div class="title">Email and Collaboration Security</div> <p class="copy">Stop phishing, ransomware, and targeted attacks on any email service including Microsoft 365 and Google Workspace</p> <a class="leaf-button color-d71920" href="/en_za/business/products/user-protection/sps/email-and-collaboration.html">Learn more</a> </div> <div class="leaf-image"> <img src="https://trendmicro.scene7.com/is/image/trendmicro/email-security-console-shot?scl=1.0&qlt=95&fmt=webp-alpha"/> </div> </li> </ul> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="/en_za/business/solutions/iot/ics-ot.html">OT Security</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/solutions/iot/ics-ot.html">OT Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">OT Security</div> <p class="copy">Learn about solutions for ICS / OT security.</p> <a class="leaf-button color-d71920" href="/en_za/business/solutions/iot/ics-ot.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/detection-response/xdr.html">XDR for OT</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">XDR for OT</div> <p class="copy">Stop adversaries faster with a broader perspective and better context to hunt, detect, investigate, and respond to threats from a single platform</p> <a class="leaf-button color-d71920" href="/en_za/business/products/detection-response/xdr.html">Learn more</a> </div> <div class="leaf-image"> <img src="https://trendmicro.scene7.com/is/image/trendmicro/xdr-product-console-shot?scl=1.0&qlt=95&fmt=webp-alpha"/> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/iot/industrial-network-security.html">Industrial Network Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Industrial Network Security</div> <a class="leaf-button color-d71920" href="/en_za/business/products/iot/industrial-network-security.html">Industrial Network Security</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/content/trendmicro/en_za/business/products/iot/industrial-endpoint-security">Industrial Endpoint Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Industrial Endpoint Security</div> <a class="leaf-button color-d71920" href="/content/trendmicro/en_za/business/products/iot/industrial-endpoint-security">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/one-platform/threat-insights.html">Threat Insights</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Threat Insights</div> <p class="copy">See threats coming from miles away</p> <a class="leaf-button color-d71920" href="/en_za/business/products/one-platform/threat-insights.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/identity.html">Identity Security</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Identity Security</div> <p class="copy">End-to-end identity security from identity posture management to detection and response</p> <a class="leaf-button color-d71920" href="/en_za/business/products/identity.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products/sovereign-private-cloud.html">On-Premises Data Sovereignty</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">On-Premises Data Sovereignty</div> <p class="copy">Prevent, detect, respond and protect without compromising data sovereignty</p> <a class="leaf-button color-d71920" href="/en_za/business/products/sovereign-private-cloud.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/products.html">All Products, Services, and Trials</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">All Products, Services, and Trials</div> <a class="leaf-button color-d71920" href="/en_za/business/products.html">Learn more</a> </div> <div class="leaf-image"> <img src="https://trendmicro.scene7.com/is/image/trendmicro/all-products-console-shot?scl=1.0&qlt=95&fmt=webp-alpha"/> </div> </li> </ul> </li> </ul> </li> <li>  <div class="label">Research</div> <ul class="sub-menu nav-level-1"> <li> <div class="label branch"> <a class="menu-link" href="/en_za/about/threat-research.html">Research</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/threat-research.html">Research</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Research</div> <a class="leaf-button color-d71920" href="/en_za/about/threat-research.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/research.html">Research, News, and Perspectives</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Research, News, and Perspectives</div> <a class="leaf-button color-d71920" href="/en_za/research.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="https://www.trendmicro.com/vinfo/za-en/security/research-and-analysis/">Research and Analysis</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Research and Analysis</div> <a class="leaf-button color-d71920" href="https://www.trendmicro.com/vinfo/za-en/security/research-and-analysis/">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="https://www.trendmicro.com/vinfo/za-en/security/news/" target="_blank" rel="noopener noreferrer">Security News</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Security News</div> <a class="leaf-button color-d71920" href="https://www.trendmicro.com/vinfo/za-en/security/news/" target="_blank" rel="noopener noreferrer">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="https://www.zerodayinitiative.com/about/" target="_blank" rel="noopener noreferrer">Zero Day Initiatives (ZDI)</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Zero Day Initiatives (ZDI)</div> <a class="leaf-button color-d71920" href="https://www.zerodayinitiative.com/about/" target="_blank" rel="noopener noreferrer">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> </ul> </li> <li>  <div class="label">Services</div> <ul class="sub-menu nav-level-1"> <li> <div class="label branch"> <a class="menu-link" href="/en_za/business/services/service-one.html">Our Services</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/services/service-one.html">Our Services</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Our Services</div> <a class="leaf-button color-d71920" href="/en_za/business/services/service-one.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/services/service-one.html">Service Packages</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Service Packages</div> <p class="copy">Augment security teams with 24/7/365 managed detection, response, and support</p> <a class="leaf-button color-d71920" href="/en_za/business/services/service-one.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/services/managed-xdr.html">Managed XDR</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Managed XDR</div> <p class="copy">Augment threat detection with expertly managed detection and response (MDR) for email, endpoints, servers, cloud workloads, and networks</p> <a class="leaf-button color-d71920" href="/en_za/business/services/managed-xdr.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="/en_za/business/services/incident-response.html">Incident Response</a> </div> <ul class="branch nav-item-3">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/services/incident-response.html">Incident Response</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Incident Response</div> <p class="copy">Our trusted experts are on call whether you're experiencing a breach or looking to proactively improve your IR plans</p> <a class="leaf-button color-d71920" href="/en_za/business/services/incident-response.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/services/incident-response/insurance-law.html">Insurance Carriers and Law Firms</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Insurance Carriers and Law Firms</div> <p class="copy">Stop breaches with the best response and detection technology on the market and reduce clients’ downtime and claim costs</p> <a class="leaf-button color-d71920" href="/en_za/business/services/incident-response/insurance-law.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/services/support-services.html">Support Services</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Support Services</div> <a class="leaf-button color-d71920" href="/en_za/business/services/support-services.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> </ul> </li> <li>  <div class="label">Partners</div> <ul class="sub-menu nav-level-1"> <li> <div class="label branch"> <a class="menu-link" href="/en_za/partners/program.html">Partner Program</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/program.html">Partner Program</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Partner Program Overview</div> <p class="copy">Grow your business and protect your customers with the best-in-class complete, multilayered security</p> <a class="leaf-button color-d71920" href="/en_za/partners/program.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/competencies.html">Partner Competencies</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Partner Competencies</div> <p class="copy">Stand out to customers with competency endorsements that showcase your expertise</p> <a class="leaf-button color-d71920" href="/en_za/partners/competencies.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/partner-stories.html">Partner Successes</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Partner Successes</div> <a class="leaf-button color-d71920" href="/en_za/partners/partner-stories.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/program/managed-security-service-provider.html">Managed Security Service Provider</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Managed Security Service Provider</div> <p class="copy">Deliver modern security operations services with our industry-leading XDR</p> <a class="leaf-button color-d71920" href="/en_za/partners/program/managed-security-service-provider.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/program/managed-service-provider.html">Managed Service Provider</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Managed Service Provider</div> <p class="copy">Partner with a leading expert in cybersecurity, leverage proven solutions designed for MSPs</p> <a class="leaf-button color-d71920" href="/en_za/partners/program/managed-service-provider.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="/en_za/partners/alliance-partners.html">Alliance Partners</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/alliance-partners.html">Alliance Partners</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Alliance Partners</div> <p class="copy">We work with the best to help you optimise performance and value</p> <a class="leaf-button color-d71920" href="/en_za/partners/alliance-partners.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/alliance-partners/technology.html">Technology Alliance Partners</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Technology Alliance Partners</div> <a class="leaf-button color-d71920" href="/en_za/partners/alliance-partners/technology.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/alliance-partners/explore-alliance-partners.html">Find Alliance Partners</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Find Alliance Partners</div> <a class="leaf-button color-d71920" href="/en_za/partners/alliance-partners/explore-alliance-partners.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="/en_za/partners/resources.html">Partner Resources</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/resources.html">Partner Resources</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Partner Resources</div> <p class="copy">Discover resources designed to accelerate your business’s growth and enhance your capabilities as a Trend Micro partner</p> <a class="leaf-button color-d71920" href="/en_za/partners/resources.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="https://community-trendmicro.force.com/Gpartner/s/" target="_blank" rel="noopener noreferrer">Partner Portal Login</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Partner Portal Login</div> <a class="leaf-button color-d71920" href="https://community-trendmicro.force.com/Gpartner/s/" target="_blank" rel="noopener noreferrer">Login</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/campus.html">Trend Campus</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Trend Campus</div> <p class="copy">Accelerate your learning with Trend Campus, an easy-to-use education platform that offers personalised technical guidance</p> <a class="leaf-button color-d71920" href="/en_za/partners/campus.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/co-selling.html">Co-Selling</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Co-Selling</div> <p class="copy">Access collaborative services designed to help you showcase the value of Trend Vision One™ and grow your business</p> <a class="leaf-button color-d71920" href="/en_za/partners/co-selling.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="https://trendmicro.my.site.com/Gpartner/s/partner-registration?language=en_US" target="_blank" rel="noopener noreferrer">Become a Partner</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Become a Partner</div> <a class="leaf-button color-d71920" href="https://trendmicro.my.site.com/Gpartner/s/partner-registration?language=en_US" target="_blank" rel="noopener noreferrer">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/distributors.html">Distributors</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Distributors</div> <a class="leaf-button color-d71920" href="/en_za/partners/distributors.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="https://trendmicro.my.site.com/Gpartner/s/partner-locator?language=en_US" target="_blank" rel="noopener noreferrer">Find Partners</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Find Partners</div> <p class="copy">Locate a partner from whom you can purchase Trend Micro solutions</p> <a class="leaf-button color-d71920" href="https://trendmicro.my.site.com/Gpartner/s/partner-locator?language=en_US" target="_blank" rel="noopener noreferrer">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li>  <div class="label">Company</div> <ul class="sub-menu nav-level-1"> <li> <div class="label branch"> <a class="menu-link" href="/en_za/about/why-trend-micro.html">Why Trend Micro</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/why-trend-micro.html">Why Trend Micro</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Why Trend Micro</div> <a class="leaf-button color-d71920" href="/en_za/about/why-trend-micro.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/customer-stories.html">Customer Success Stories</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Customer Success Stories</div> <a class="leaf-button color-d71920" href="/en_za/about/customer-stories.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/content/trendmicro/en_za/about/human-connections">The Human Connection</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">The Human Connection</div> <a class="leaf-button color-d71920" href="/content/trendmicro/en_za/about/human-connections">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/industry-recognition.html">Industry Accolades</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Industry Accolades</div> <a class="leaf-button color-d71920" href="/en_za/about/industry-recognition.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/partners/alliance-partners.html">Strategic Alliances</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Strategic Alliances</div> <a class="leaf-button color-d71920" href="/en_za/partners/alliance-partners.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="/en_za/about/compare.html">Compare Trend Micro</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/compare.html">Compare Trend Micro</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Compare Trend Micro</div> <p class="copy">See how Trend outperforms the competition</p> <a class="leaf-button color-d71920" href="/en_za/about/compare.html">Let's go</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/compare/trend-vs-crowdstrike.html">vs. Crowdstrike</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Trend Micro vs. Crowdstrike</div> <p class="copy">Crowdstrike provides effective cybersecurity through its cloud-native platform, but its pricing may stretch budgets, especially for organisations seeking cost-effective scalability through a true single platform</p> <a class="leaf-button color-d71920" href="/en_za/about/compare/trend-vs-crowdstrike.html">Let's go</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/compare/trend-vs-microsoft.html">vs. Microsoft</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Trend Micro vs. Microsoft</div> <p class="copy">Microsoft offers a foundational layer of protection, yet it often requires supplemental solutions to fully address customers' security problems</p> <a class="leaf-button color-d71920" href="/en_za/about/compare/trend-vs-microsoft.html">Let's go</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/compare/trend-vs-palo-alto-networks.html">vs. Palo Alto Networks</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Trend Micro vs. Palo Alto Networks</div> <p class="copy">Palo Alto Networks delivers advanced cybersecurity solutions, but navigating its comprehensive suite can be complex and unlocking all capabilities requires significant investment</p> <a class="leaf-button color-d71920" href="/en_za/about/compare/trend-vs-palo-alto-networks.html">Let's go</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="/en_za/about.html">About Us</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about.html">About Us</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">About Us</div> <a class="leaf-button color-d71920" href="/en_za/about.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/trust-center.html">Trust Centre</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Trust Centre</div> <a class="leaf-button color-d71920" href="/en_za/about/trust-center.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/history-vision-values.html">History</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">History</div> <a class="leaf-button color-d71920" href="/en_za/about/history-vision-values.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/diversity-inclusion.html">Diversity, Equity and Inclusion</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Diversity, Equity and Inclusion</div> <a class="leaf-button color-d71920" href="/en_za/about/diversity-inclusion.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/corporate-social-responsibility.html">Corporate Social Responsibility</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Corporate Social Responsibility</div> <a class="leaf-button color-d71920" href="/en_za/about/corporate-social-responsibility.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/leaders.html">Leadership</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Leadership</div> <a class="leaf-button color-d71920" href="/en_za/about/leaders.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/leading-experts.html">Security Experts</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Security Experts</div> <a class="leaf-button color-d71920" href="/en_za/about/leading-experts.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/initiative-education.html">Internet Safety and Cybersecurity Education</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Internet Safety and Cybersecurity Education</div> <a class="leaf-button color-d71920" href="/en_za/initiative-education.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/legal.html">Legal</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Legal</div> <a class="leaf-button color-d71920" href="/en_za/about/legal.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_us/about/investor-relations.html" target="_blank" rel="noopener noreferrer">Investors</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Investors</div> <a class="leaf-button color-d71920" href="/en_us/about/investor-relations.html" target="_blank" rel="noopener noreferrer">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/business/campaigns/formula-e.html">Formula E Racing</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Formula E Racing</div> <a class="leaf-button color-d71920" href="/en_za/business/campaigns/formula-e.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> <li> <div class="label branch"> <a class="menu-link" href="https://newsroom.trendmicro.com/" target="_blank" rel="noopener noreferrer">Connect With Us</a> </div> <ul class="branch nav-item-2">  <li> <div class="label leaf"> <a class="menu-link" href="https://newsroom.trendmicro.com/" target="_blank" rel="noopener noreferrer">Connect With Us</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Connect With Us</div> <a class="leaf-button color-d71920" href="https://newsroom.trendmicro.com/" target="_blank" rel="noopener noreferrer">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/newsroom.html">Newsroom</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Newsroom</div> <a class="leaf-button color-d71920" href="/en_za/about/newsroom.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/events.html">Events</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Events</div> <a class="leaf-button color-d71920" href="/en_za/about/events.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/careers.html">Careers</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Careers</div> <a class="leaf-button color-d71920" href="/en_za/about/careers.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> <li> <div class="label leaf"> <a class="menu-link" href="/en_za/about/webinars.html">Webinars</a> </div> <ul class="leaf nav-item-leaf">  <li class="desktop-leaf-child"> <div class="desktop-leaf-child-text"> <div class="title">Webinars</div> <a class="leaf-button color-d71920" href="/en_za/about/webinars.html">Learn more</a> </div> <div class="leaf-image"> </div> </li> </ul> </li> </ul> </li> </ul> </li> </ul> </div> <div class="list-wrapper drop-down-menu-2"> <button type="button" class="back-one-level"> <span>Back</span> </button> <div class="sub-menu-wrapper"></div> </div> <div class="list-wrapper drop-down-menu-3"> <button type="button" class="back-one-level"> <span>Back</span> </button> <div class="sub-menu-wrapper"></div> </div> <div class="list-wrapper drop-down-menu-4"> <button type="button" class="back-one-level"> <span>Back</span> </button> <div class="sub-menu-wrapper"></div> </div> <div class="list-wrapper drop-down-menu-5"> <button type="button" class="back-one-level"> <span>Back</span> </button> <div class="sub-menu-wrapper"></div> </div> <div class="buttonArrayV1"> <ul class="button-array small left-align global-margin-top-none global-margin-bottom-none global-padding-top-none global-padding-bottom-none"> <li class="button-array-list"> <a class="button secondary color-ffffff normal" id="rsg-nav-free-trial-956dc9" href="/en_za/business/products/trials.html"> Free Trials </a> </li> <li class="button-array-list"> <a class="button primary color-d71920 normal" id="rsh-nav-contact-us-47cc7d" href="/en_za/business/get-info-form.html"> Contact Us </a> </li> </ul> </div> </div> </div> <div class="consumerLink"> <a href="/en_za/forHome.html">Looking for home solutions?</a> </div> <a href="https://resources.trendmicro.com/GLB-Under-Attack-Form.html" class="under-attack-link">Under Attack?</a> <div class="alerts"> <div class="alertUtilityMenu"> <div class="utility-wrapper alert-top-menu"> <div class="dropDownMenuV1"> <div class="label"><span class="counter">1</span> Alerts</div> <div class="menu"></div> </div> </div> <div class="utility-wrapper alert-sub-menu"> <button type="button" class="back-one-level-utility"> <span>Back</span> </button> <div class="sub-wrapper-content"> <div class="alerts-wrapper"> <div class="alert-buttons"> <div class="alerts-unread-button is-active">Unread</div> <div class="alerts-all-button">All</div> </div> <div class="sub-alerts-wrapper"></div> </div> <ul class="alerts-list"> <li id="alert-602e99" class="unread"> <div class="copy-wrapper">  <a href="https://resources.trendmicro.com/AWSreInvent.html" target="_blank" rel="noopener noreferrer"> <p class="copy">Join us at AWS re:Invent for demos and expert-led sessions on AI-powered security.</p> </a> <span class="material-symbols-outlined">close</span> </div>  <a href="https://resources.trendmicro.com/AWSreInvent.html" target="_blank" rel="noopener noreferrer"> <p class="ctaText">Supercharge your security ></p> </a> </li> </ul> </div> </div> </div> </div> <div class="utilityMenuV1"><div class="utilityMenu utilityMenuV1"> <div class="utility-wrapper standard-utility-wrapper"> <div class="dropDownMenuV1"> <div class="label">Support</div> <div class="menu"> <ul> <li> <a rel="noopener noreferrer" href="https://success.trendmicro.com/en-US/" target="_blank"> Business Support Portal </a> </li> <li> <a href="/global/en_au/business/services/support-services/education.html"> Education and Certification </a> </li> <li> <a rel="noopener noreferrer" href="https://success.trendmicro.com/en-US/contactus/" target="_blank"> Contact Support </a> </li> <li> <a rel="noopener noreferrer" href="https://trendmicro.my.site.com/Gpartner/s/partner-locator?language=en_US" target="_blank"> Find a Support Partner </a> </li> </ul> </div> </div> <div class="dropDownMenuV1"> <div class="label">Resources</div> <div class="menu"> <ul> <li> <a href="/en_za/business/ai.html"> AI Hub </a> </li> <li> <a href="/en_za/about/compare.html"> Trend Micro vs. Competition </a> </li> <li> <a href="https://resources.trendmicro.com/security-assessment-service-us.html"> Cyber Risk Assessment </a> </li> <li> <a href="/en_za/ciso.html"> CISO Resource Centre </a> </li> <li> <a href="/en_za/devops.html"> DevOps Resource Centre </a> </li> <li> <a href="/en_za/what-is.html"> What Is? </a> </li> <li> <a href="https://www.trendmicro.com/vinfo/za-en/threat-encyclopedia/"> Threat Encyclopædia </a> </li> <li> <a rel="noopener noreferrer" href="https://trendmicro.com/public-cloud-risk-assessment" target="_blank"> Cloud Health Assessment </a> </li> <li> <a href="/en_za/business/capabilities/solutions-for/cyber-insurance.html"> Cyber Insurance </a> </li> <li> <a href="https://www.trendmicro.com/vinfo/za-en/security/definition/a"> Glossary of Terms </a> </li> <li> <a href="/en_za/about/webinars.html"> Webinars </a> </li> </ul> </div> </div> <div class="dropDownMenuV1"> <div class="label">Log In</div> <div class="menu"> <ul> <li> <a rel="noopener noreferrer" href="https://signin.v1.trendmicro.com/" target="_blank"> Vision One </a> </li> <li> <a rel="noopener noreferrer" href="https://success.trendmicro.com/en-US/" target="_blank"> Support </a> </li> <li> <a rel="noopener noreferrer" href="https://community-trendmicro.force.com/Gpartner/s/login/?language=en_US&ec=302&startURL=%2FGpartner%2Fs%2F" target="_blank"> Partner Portal </a> </li> <li> <a rel="noopener noreferrer" href="https://cloudone.trendmicro.com/" target="_blank"> Cloud One </a> </li> <li> <a rel="noopener noreferrer" href="https://tm.login.trendmicro.com/simplesaml/saml2/idp/SSOService.php" target="_blank"> Product Activation and Management </a> </li> <li> <a rel="noopener noreferrer" href="https://signup.cj.com/member/signup/publisher/?cid=1867119#/branded?_k=xaeu3t" target="_blank"> Referral Affiliate </a> </li> </ul> </div> </div> </div> <div class="utility-wrapper active-utility-wrapper"> <button type="button" class="back-one-level-utility"> <span>Back</span> </button> <div class="sub-utility-wrapper"></div> </div> </div> </div> </div> </nav> </header> <div class="search"> <script type="text/javascript" src="//customer.cludo.com/scripts/bundles/search-script.js"></script> <script type="text/javascript"> var cludoSettings = {}; if( undefined === window.utag_data ) { cludoSettings.cludo_language = 'en'; } else { switch (window.utag_data.language_code) { // Cludo dropped the ball on this one case 'ja_jp': cludoSettings.cludo_language = 'jp'; break; case 'in_id': cludoSettings.cludo_language = 'id'; break; default: cludoSettings.cludo_language = window.utag_data.language_code.substring(0, 2); // First two letters are the language break; } } cludoSettings.settingsObject = { customerId: 296, engineId: 11311, searchUrl: "/en_za/common/cse.html", searchInputs: ["cludo-search-form","cludo-search-form-mobile","cludo-search-content-form"], initSearchBoxText: "", language: cludoSettings.cludo_language, //endlessScroll: {stopAfterPage:3, resultsPerPage:10, bottomOffset: 145}, //translateSearchTemplates: true, loading: "<div class='loader'></div>" }; </script> <span class="material-symbols-outlined search-back-arrow">arrow_back</span> <div class="inner-search-wrap"> <span class="material-symbols-outlined search-icon">search</span> <form class="main-menu-search" aria-label="Search Trend Micro"> <div class="main-menu-search__field-wrapper" id="cludo-search-form"> <table class="gsc-search-box"> <tbody> <tr> <td class="gsc-input"> <input type="text" class="gsc-input-field" name="search" title="search" placeholder="Search"/> </td> </tr> </tbody> </table> </div> </form> <span class="material-symbols-outlined search-clear-button">close</span> </div> </div> </div> <section class="folder-indicators slider"> <div class="folder-indicators__wrapper"> <p class="folder-indicators__title">Content has been added to your Folio</p> <div class="folder-indicators__button-wrapper"> <button class="folder-indicators__button counter" id="counter-folder"> Go to Folio (<span>0</span>) </button> <button class="folder-indicators__button close"><span class="material-symbols-outlined close-folio-message">close</span></button> </div> </div> </section></div> <div class="root responsivegrid"> <div class="aem-Grid aem-Grid--12 aem-Grid--default--12 "> <div class="articleBodyNoHero aem-GridColumn aem-GridColumn--default--12"><div class="research-layout article container" role="contentinfo"> <article class="research-layout--wrapper row" data-article-pageID="577845383"> <div class="col-xs-12 col-md-12 one-column"> <div class="col-xs-12 col-md-12"> <div class="article-details" role="heading"> <span class="article-details__bar" role="img"></span> <p class="article-details__display-tag">APT & Targeted Attacks</p> <h1 class="article-details__title">StrongPity APT Group Deploys Android Malware for the First Time</h1> <p class="article-details__description">We recently conducted an investigation into a malicious Android malware sample, which we believe can be attributed to the StrongPity APT group, that was posted on the Syrian e-Gov website. To the best of our knowledge, this is the first time that the group has been publicly observed using malicious Android applications as part of its attacks. </p> <p class="article-details__author-by">By: Zhengyu Dong, Fyodor Yarochkin, Steven Du <time class="article-details__date">July 21, 2021</time> <span>Read time: </span><span class="eta"></span> (<span class="words"></span> words) </p> <div class="article-details__icons">  <div class="a2a_kit a2a_default_style" data-a2a-icon-color="#717172"> <a class="a2a_dd addthis_link" href="https://www.addtoany.com/share"> <img src="/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/img/share-more.svg" class="svg-icon" alt="Share"/> </a> <a class="a2a_button_print addthis_link"> <img src="/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/img/printer.svg" class="svg-icon" alt="Print"/> </a> </div>  <div class="add-to-folio tooltip"> <span class="icon-folio-thin"></span> <div class="right"> <p>Save to Folio</p> <i></i> </div> </div>  <div class="subscribe"> <a class="bs-modal" href="https://resources.trendmicro.com/subscription-za.html" title="Subscribe" data-modal-title="Subscribe" target="target"> <span class="icon-subscribe"></span> <span class="text">Subscribe</span> </a> </div> </div> </div> </div> </div> <hr class="research-layout-divider"/> <main class="main--content col-xs-12 col-lg-8 col-lg-push-2"> <div> </div> <div class="richText"> </div> <div class="image"> </div> <div> <div class="richText"> <div> <p>We recently conducted an investigation into a malicious Android malware sample, which we believe can be attributed to the <a href="https://attack.mitre.org/software/S0491/">StrongPity APT group</a>, that was posted on the Syrian e-Gov website. To the best of our knowledge, this is the first time that the group has been publicly observed using malicious Android applications as part of its attacks. </p> <p>We first learnt about the sample from a thread shared on the <a href="https://twitter.com/malwrhunterteam/status/1397122900520472577">MalwareHunterTeam Twitter</a>. Based on the discussion thread, we learnt that the shared sample is a trojanized version of the Syrian e-gov Android application that would steal contact lists and collect files with specific file extensions from its victim's device.</p> <p>One response from the thread <a href="https://twitter.com/IsraelWernik/status/1397513144034017286">pointed out</a> that the malicious APK was likely distributed using a "watering-hole"-like technique: the attacker allegedly had compromised the official Syrian E-Gov website and replaced the official Android application file with a trojanized version of the original app. Due to the suspicious nature of this activity, we decided to investigate further.</p> <p>This blog entry will discuss the group’s attack tactics, techniques, and procedures (TTPs) in relation to the Android malware and why these activities can be attributed to this threat actor. Furthermore, we will also dive into the threat actor’s development progress and identify several other malicious Android malware samples produced by StrongPity. Finally, we will briefly discuss related malware variants, including the second version of the Android trojan, which appears to be a work in progress and includes several testing features.</p> <h1><span class="body-subhead-title">Initial investigation</span></h1> <p>The first thing we did was check the URL where the malicious APK file was hosted (https://egov[.]sy/mobile/egov[.]apk). The version of the application that is downloadable from the site at the time of writing is a clean version of the Syrian e-gov Android application that is different from the malicious application previously discussed on Twitter. This means that, at one point, the malicious version of the application was deleted from the site.</p> <p>At least six other samples with the same application name ("بوابتي") and matching package names (com.egov.app.*) can be identified on VirusTotal. We verified all of these samples and concluded that all of them are benign. These benign versions of the application were created during the period from February 2020 until March 2021. We believe all of them are official apps from the Syrian E-Gov website.</p> <p>The malicious sample, mentioned in the Twitter thread, is available on VirusTotal and as of the time of writing, has several positive detections. Although some antivirus vendors detect the identified malicious sample as Bahamut, we doubted the accuracy of this attribution to the <a href="https://www.trendmicro.com/en_us/research/18/h/the-urpage-connection-to-bahamut-confucius-and-patchwork.html">Bahamut APT group</a>. Further investigation revealed several artefacts that could possibly link the malicious sample to the <a href="https://apt.thaicert.or.th/cgi-bin/showcard.cgi?g=Promethium%2C%20StrongPity">StrongPity APT group</a>.</p> <h1><span class="body-subhead-title">Analysis of the malicious sample</span></h1> <p>The malicious version of the application (fd1aac87399ad22234c503d8adb2ae9f0d950b6edf4456b1515a30100b5656a7) was created on May 2021(The timestamps within the file point to 2021-05-03 as the creation date, while the file was uploaded to VirusTotal on May 24, 2021). This application is signed with a different certificate and was produced by repackaging the original app from the Syrian government. All of the original applications, on the other hand, are signed with another certificate.</p> </div> </div> <div class="image"> <figure class="image-figure"> <img src="/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-1-1.png" alt="Figure 1. Comparison of the certificates used to sign the original (top) and the malicious applications(bottom)"/> <div class="caption-image-container "> </div> </figure> </div> <div class="image"> <figure class="image-figure"> <img src="/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-1-2.png" alt="Figure 1. Comparison of the certificates used to sign the original (top) and the malicious applications(bottom)"/> <div class="caption-image-container "> <figcaption>Figure 1. Comparison of the certificates used to sign the original (top) and the malicious applications(bottom)</figcaption> </div> </figure> </div> <div class="richText"> <div> <p>The malicious application has the AndroidManifest.xml modified to include references to additional classes and request additional permissions on the device (seen in Figure 3).</p> </div> </div> <div class="image"> <figure class="image-figure"> <img src="/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-2.png" alt="Figure 2. The modified AndroidManifest.xml of the malicious app"/> <div class="caption-image-container "> <figcaption>Figure 2. The modified AndroidManifest.xml of the malicious app</figcaption> </div> </figure> </div> <div class="richText"> <div> <h2><span class="body-subhead-title">Overview of the inserted code</span></h2> <p>The threat actor added the following classes to this application; some of these classes (com.egov.app.NetworkStatusService, com.egov.app.Receiver) are referenced in the modified AndroidManifest.xml.</p> </div> </div> <div class="image"> <figure class="image-figure"> <img src="/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-3.png" alt="Figure 3. The classes added to the malicious app are shown in the right part of the image. The original classes are shown in the left."/> <div class="caption-image-container "> <figcaption>Figure 3. The classes added to the malicious app are shown in the right part of the image. The original classes are shown in the left.</figcaption> </div> </figure> </div> <div class="richText"> <div> <p>Figure 3 shows that many of the other classes have randomly generated class and method names. This naming pattern was likely produced by a software obfuscation tool.</p> <h5><span class="body-subhead-title"><span class="rte-sub-menu-text">Malicious code initialisation</span></span></h5> <p>Two major additional components were added to the malicious version of the application: a service and a receiver. The receiver starts the malicious service. The malicious service is declared as an Android Service, which is an application component that can perform long-running tasks in the background.</p> <p>This malicious service is declared with the class name "com.egov.app.NetworkStatusService", and is started by the Receiver class.</p> <p>Our analysis of the Receiver configuration and code found multiple methods for starting the malicious NetworkStatusService service.</p> <ul> <li><span class="rte-red-bullet">The service is started when the device connectivity is changed. The djdeeu class registers a broadcast receiver for CONNECTIVITY_CHANGE.</span></li> <li><span class="rte-red-bullet">The service can be started from launcher activity or other registered receivers.</span></li> <li><span class="rte-red-bullet">The service can be started using the "Alarm" mechanism.</span></li> </ul> <p>Once the malicious NetworkStatusService service is started, it executes its malicious functionality via a set of message handlers, which are responsible for handling specific messages.</p> <h5><span class="body-subhead-title"><span class="rte-sub-menu-text">Architecture of the backdoor</span></span></h5> <p>The sample uses the "Handler" mechanism to dispatch messages that trigger malicious behaviour. A custom enum structure is used to define the message types.</p> <p>It defines seven message types, shown in Figure 4. </p> </div> </div> <div class="image"> <figure class="image-figure"> <img src="/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-4.png" alt="Figure 4. Code showing the seven defined messages."/> <div class="caption-image-container "> <figcaption>Figure 4. Code showing the seven defined messages.</figcaption> </div> </figure> </div> <div class="richText"> <div> <p>Each of the messages trigger a different behaviour through the handler. The following is a quick summary of the purpose and behaviour of each specific message:</p> <h3><span class="body-subhead-title"><span class="rte-sub-menu-text">MSG_TRIG_ALARM_HEARTBEAT</span></span></h3> <p>When this message is received, a periodic task for heartbeat message is set.</p> <h3><span class="body-subhead-title"><span class="rte-sub-menu-text">MSG_TRIG_ALARM_SYNC</span></span></h3> <p>When this message is received, a periodic task for sync message is set.</p> <h3><span class="body-subhead-title"><span class="rte-sub-menu-text">MSG_HEARTBEAT</span></span></h3> <p>This message triggers the heartbeat function, which sends a request to the command-and-control (C&C) server and receives a response with an encrypted payload.</p> <p>The encrypted payload is first saved into the directory <DIR>/.android/water.zip, after which the file water.zip is decrypted and the decrypted payload written to <DIR>/.android/e.zip.</p> <p>Next, the file e.zip is decompressed into <DIR>/.android and the file with the name "config.properties" is accessed.</p> <p>Finally, this file is read and parsed. These properties are extracted and written as configuration settings to local shared preference, allowing the malware to change its behaviour according to the configuration.</p> <h3><span class="body-subhead-title"><span class="rte-sub-menu-text">MSG_SYNC</span></span></h3> <p>Sync is a repeated behaviour. It uploads files, which were collected on infected devices, with a periodicity of 3000 seconds.</p> <p>The handler for MSG_SYNC executes the following functionality:</p> <p>First, it enumerates all files under <DIR>/.android/.lib2. It then creates a zip file with the name <uniqueId>.zip (note that the unique ID is not a real device ID, the malware just calculates a custom unique ID based on the device ID value), and writes the files into the compressed file.</p> <p>Finally, it upload the zip file to the C&C server and deletes all files under <DIR>/.android/.lib2, as well as the compressed file <uniqueId>.zip.</p> <h3><span class="body-subhead-title"><span class="rte-sub-menu-text">MSG_COLLECT</span></span></h3> <p>The handler for this message collects data from the victim’s device. First, it collects contact information, followed by information regarding available Wi-Fi networks.</p> <p>It then searches through the device files and harvests all files that match pre-defined file extensions:</p> <ul> <li><span class="rte-red-bullet">.asc</span></li> <li><span class="rte-red-bullet">.dgs</span></li> <li><span class="rte-red-bullet">.doc</span></li> <li><span class="rte-red-bullet">.docx</span></li> <li><span class="rte-red-bullet">.edf</span></li> <li><span class="rte-red-bullet">.gpg</span></li> <li><span class="rte-red-bullet">.jpeg</span></li> <li><span class="rte-red-bullet">.jpg</span></li> <li><span class="rte-red-bullet">.key</span></li> <li><span class="rte-red-bullet">.m2r</span></li> <li><span class="rte-red-bullet">.meo</span></li> <li><span class="rte-red-bullet">.pdf</span></li> <li><span class="rte-red-bullet">.pgp</span></li> <li><span class="rte-red-bullet">.pir</span></li> <li><span class="rte-red-bullet">.pkr</span></li> <li><span class="rte-red-bullet">.pub</span></li> <li><span class="rte-red-bullet">.rjv</span></li> <li><span class="rte-red-bullet">.rms</span></li> <li><span class="rte-red-bullet">.sem</span></li> <li><span class="rte-red-bullet">.sit</span></li> <li><span class="rte-red-bullet">.skr</span></li> <li><span class="rte-red-bullet">.sys</span></li> <li><span class="rte-red-bullet">.xls</span></li> <li><span class="rte-red-bullet">.xlsx</span></li> </ul> </div> </div> <div class="image"> <figure class="image-figure"> <img src="/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-5.png" alt="Figure 5. A snippet of the file harvesting code "/> <div class="caption-image-container "> <figcaption>Figure 5. A snippet of the file harvesting code </figcaption> </div> </figure> </div> <div class="richText"> <div> <h3><span class="body-subhead-title"><span class="rte-sub-menu-text">MSG_TRIG_ALARM_COLLECT</span></span></h3> <p>When this message is received, a periodic task for the “collect message” handler is set.</p> <h3><span class="body-subhead-title"><span class="rte-sub-menu-text">MSG_CONNECTIVITY</span></span></h3> <p>This message sends all the mentioned messages one by one.</p> <h1><span class="body-subhead-title">Modular Functionality of the backdoor</span></h1> <p>This sample uses highly modular components to create a flexible architecture for component loading and unloading. The functions onCreate and onDestroy show a common approach to loading and unloading a component.</p> </div> </div> <div class="image"> <figure class="image-figure"> <img src="/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-6.png" alt="Figure 6. Code snippet showing the onCreate and onDestroy functions"/> <div class="caption-image-container "> <figcaption>Figure 6. Code snippet showing the onCreate and onDestroy functions</figcaption> </div> </figure> </div> <div class="richText"> <div> <p>The following are the components were used in the sample:</p> <ul> <li><span class="rte-red-bullet">pekmek(Crypto Manager): Uses AES to decrypt and encrypt files and strings.</span></li> <li><span class="rte-red-bullet">ltymcr(Helper Class): Contains many utility functions, such as a function to calculate unique id, parse config file, write/read shared preference, and define encryption keys.</span></li> </ul> </div> </div> <div class="image"> <figure class="image-figure"> <img src="/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-7.png" alt="Figure 7. Code snippet showing the ltymcr(Helper Class) component"/> <div class="caption-image-container "> <figcaption>Figure 7. Code snippet showing the ltymcr(Helper Class) component</figcaption> </div> </figure> </div> <div class="richText"> <div> <ul> <li><span class="rte-red-bullet">sadwoo: A component used as PowerWakeLock.</span></li> <li><span class="rte-red-bullet">phkyxc: A component used as WifiWakeLock.</span></li> <li><span class="rte-red-bullet">tfsdne: This is a wrapper used for C&C communication such as heartbeat and sync.</span></li> <li><span class="rte-red-bullet">itxdrx(Net Manager): A component responsible for handling HTTP protocol communication.</span></li> </ul> </div> </div> <div class="image"> <figure class="image-figure"> <img src="/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-8.png" alt="Figure 8. Code from the itxdrx component"/> <div class="caption-image-container "> <figcaption>Figure 8. Code from the itxdrx component</figcaption> </div> </figure> </div> <div class="richText"> <div> <ul> <li><span class="rte-red-bullet">nhnhpi: The component responsible for managing the C&C server.</span></li> </ul> <p>This component includes definition of an initial C&C server. The initial value can be overridden. The StrongPity backdoor has the ability to update (including deleting and adding) its C&C server address via configuration updates from the "heartbeat" command.</p> </div> </div> <div class="image"> <figure class="image-figure"> <img src="/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-9.png" alt="Figure 9. The code that handles the addition and deletion of C&C servers"/> <div class="caption-image-container "> <figcaption>Figure 9. The code that handles the addition and deletion of C&C servers</figcaption> </div> </figure> </div> <div class="richText"> <div class="responsive-table-wrap"> <h1><span class="body-subhead-title">Investigation and attribution</span></h1> <p>When we learnt how the threat actor repackages benign applications into trojanized variants, we decided to search for similar samples on VirusTotal. We searched for other applications that were repackaged in a similar method and included similar malicious components.</p> <h2><span class="body-subhead-title"><span class="rte-sub-menu-text">Similar malicious samples</span></span></h2> <p>We found several other samples that were produced by the same threat actor. We determined these samples to be similar because all of them (except for the last sample) were also repackaged from normal applications and had similar malicious code inserted.</p> <table border="1" cellspacing="0" cellpadding="0" width="100%"> <tbody><tr><td><p><b>Date of submission</b></p> </td> <td width="384" valign="top"><p><b>SHA256</b></p> </td> <td width="101" valign="top"><p><b>Identified C&C servers</b></p> </td> <td width="69" valign="top"><p><b>Additional Details</b></p> </td> </tr><tr><td width="69" valign="top"><p>August 2, 2019</p> </td> <td width="384" valign="top"><p>374d92f553c28e9dad1aa7f5d334a07dede1e5ad19c3766efde74290d0c49afb</p> </td> <td width="101" valign="top"><p>upeg-system-app[.]com</p> </td> <td width="69" valign="top"><p>Likely repacked from Kingoroot.</p> </td> </tr><tr><td width="69" valign="top"><p>June 8, 2020</p> </td> <td width="384" valign="top"><p>be9214a5804632004f7fd5b90fbac3e23f44bb7f0a252b8277dd7e9d8b8a52f3</p> </td> <td width="101" valign="top"><p>networktopologymaps[.]com</p> </td> <td width="69" valign="top"><p>Likely repacked from Snaptube, though It is not the same as 596257ef017b02ba6961869d78a2317500a45f00c76682a22bbdbd3391857b5d.</p> </td> </tr><tr><td width="69" valign="top"><p>June 8, 2020</p> </td> <td width="384" valign="top"><p>a9378a5469319faffc48f3aa70f5b352d5acb7d361c5177a9aac90d9c58bb628</p> </td> <td width="101" valign="top"><p>networktopologymaps[.]com</p> </td> <td width="69" valign="top"><p>Likely repacked from net[.]cybertik[.]wifi (the original app could be downloaded from the Yemeni website, cybertik[.]net).</p> </td> </tr><tr><td width="69" valign="top"><p>June 13, 2021</p> </td> <td width="384" valign="top"><p>596257ef017b02ba6961869d78a2317500a45f00c76682a22bbdbd3391857b5d</p> </td> <td width="101" valign="top"><p>upeg-system-app[.]com</p> </td> <td width="69" valign="top"><p>Likely repacked from Snaptube.</p> </td> </tr><tr><td width="69" valign="top"><p>January 1, 2021</p> </td> <td width="384" valign="top"><p>75dc2829abb951ff970debfba9f66d4d7c6b7c48a823a911dd5874f74ac63d7b</p> </td> <td width="101" valign="top"><p>upn-sec3-msd[.]com</p> </td> <td width="69" valign="top"><p>This is likely a testing sample because it provides buttons to test functions. This sample also contains some new features that we haven’t seen in other samples. This shows that the actor is actively involved in the development of APK versions of the backdoor.</p> </td> </tr></tbody></table> <h5 style="text-align: center;">Table 1. Similar malicious samples found on VirusTotal</h5> </div> </div> <div class="richText"> <div> <p>The sample 75dc2829abb951ff970debfba9f66d4d7c6b7c48a823a911dd5874f74ac63d7b serves as the key attribution factor and is the main link to the StrongPity threat actor, because it communicates with a C&C server that was previously identified by several research teams as infrastructure used by the group.<br /> </p> <h1><span class="body-subhead-title">Tools, tactics, and procedures on Windows</span></h1> <p>There are no known public reports of StrongPity using malicious Android applications in their attacks at the time of writing. In order to strengthen our confidence in the accuracy of our attribution to StrongPity, we decided to further examine some of their samples that were used to target Microsoft Windows platforms and see if we could identify similar tools, tactics, and procedures (TTPs) in their actions.</p> <p>Just as we have seen with the Android apps, the StrongPity group favours repacking benign installers to produce trojanized versions of these applications. Likewise, the main function of these backdoors is to search, harvest, and exfiltrate files from the victim’s computers.</p> <p>Take, for example, the following sample: 48f67be806b4e823280f03ee5512ffd58deb6f37ecc80842265d4e8d2ca30055. The sample first drops a file called "TrustedInstaller.exe" to <DIR>/AppData/Local/Temp and then executes it. This dropped file is a clean WinRAR installer.</p> </div> </div> <div class="image"> <figure class="image-figure"> <img src="/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-10.png" alt="Figure 10. Code used in the file “TrustedInstaller.exe”"/> <div class="caption-image-container "> <figcaption>Figure 10. Code used in the file “TrustedInstaller.exe”</figcaption> </div> </figure> </div> <div class="richText"> <div> <p>It then creates <DIR>/AppData/Local/Temp/lang_be29c9f3-83we to drop malicious files and execute them.</p> </div> </div> <div class="image"> <figure class="image-figure"> <img src="/content/dam/trendmicro/global/en/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time/strongpity-android-11.png" alt="Figure 11. Code showing the creation of the directory"/> <div class="caption-image-container "> <figcaption>Figure 11. Code showing the creation of the directory</figcaption> </div> </figure> </div> <div class="richText"> <div class="responsive-table-wrap"> <p>If we examine another StrongPity sample (12818a96211b7c47863b109be63e951075cf6a41652464a584dd2f26010f7535), the logic is similar — it drops a normal installer into the Temp directory and creates a directory for dropped malicious files.</p> <p>Here are three notable similarities between the Windows sample and the Android sample:</p> <p>1. They all disguised as normal apps by utilising the original clean applications — the Android sample repacks the original one into a trojanized version, while the Windows sample uses a trojanized installer packed with the original program.</p> <p>2. Both collect and exfiltrate files from the infected device.</p> <p>3. Both are highly modular. The Windows sample has a standalone Exfiltration and File Search module, a feature that could also be seen in the latest test Android sample.</p> <h1><b><span class="body-subhead-title">Possible connections to StrongPity</span></b></h1> <p>We found several clues that link the malicious Android samples with the StrongPity threat actor.</p> <p>The sample 74582c3d920332117541a9bbc6b8995fbe7e1aff communicates with the URL https://www.upn-sec3-msd[.]com/ProxyServer/service/. The domain name “upn-sec3-msd[.]com” was mentioned in <a href="https://cybersecurity.att.com/blogs/labs-research/newly-identified-strongpity-operations">another StrongPity report</a>.</p> <p>The domain naming pattern and domain acquisition techniques are quite similar. For example, the <a href="https://blog.talosintelligence.com/2020/06/promethium-extends-with-strongpity3.html">domain names</a> used by StrongPity in 2020 have a domain naming pattern similar to the domains used by the identified Android samples.</p> <p>One of the domain names, networktopologymaps[.]com, was likely bought when registration at Gandi expired. The domain was acquired via the Porkbun network registrar.</p> <p>This is similar to the domain hostoperationsystems[.]com, which was previously mentioned in the Talos report. This domain was also acquired via Porkbun and features a comparable domain naming pattern.</p> <p>Another notable point of correlation to StrongPity is the list of file extensions, which we have seen in Android samples. A similar list of the file extensions for the files is presented in variants of the trojan for Windows systems. For example, one of the samples that we had examined earlier, gathers files with the following extensions:</p> <ul> <li><span class="rte-red-bullet">.7z</span></li> <li><span class="rte-red-bullet">.asc</span></li> <li><span class="rte-red-bullet">.dgs</span></li> <li><span class="rte-red-bullet">.doc</span></li> <li><span class="rte-red-bullet">.docx</span></li> <li><span class="rte-red-bullet">.gpg</span></li> <li><span class="rte-red-bullet">.pdf</span></li> <li><span class="rte-red-bullet">.pgp</span></li> <li><span class="rte-red-bullet">.ppt</span></li> <li><span class="rte-red-bullet">.pptx</span></li> <li><span class="rte-red-bullet">.rar</span></li> <li><span class="rte-red-bullet">.rjv</span></li> <li><span class="rte-red-bullet">.rms</span></li> <li><span class="rte-red-bullet">.rtf</span></li> <li><span class="rte-red-bullet">.sft</span></li> <li><span class="rte-red-bullet">.tc</span></li> <li><span class="rte-red-bullet">.txt</span></li> <li><span class="rte-red-bullet">.xls</span></li> <li><span class="rte-red-bullet">.xlsx</span></li> </ul> <p>As we previously mentioned, there are no public reports of the StrongPity threat actor using malicious Android applications in the attack. However, we examined the trojan code-embedding techniques as well as the trojan functionality of the malicious code written by the same threat actor for Windows platforms, and we have identified some similar patterns. This leads us to believe that these could belong to the same threat actor.</p> <h2><span class="body-subhead-title">StrongPity actively develops new malicious android apps</span></h2> <p>We believe that the StrongPity Threat actor is actively developing backdoors for Android. Based on the test sample that we have identified, we can see that the threat actor attempts several techniques to lure potential victims: repackaged applications, compromised websites, and fake variants of popular applications.</p> <p>Based on the additional functionalities that we identified in the fake Samsung security service application (75dc2829abb951ff970debfba9f66d4d7c6b7c48a823a911dd5874f74ac63d7b), we think that amongst the APK files that we had identified, the repackaged applications are bundled with the first version of the Android trojan, while the fake application could be a work in progress for the next version of the tool.</p> <p>In the second version, we observed the threat actor developed and included some additional components and as well as added support for more message types.</p> <p>The following table shows the types that the threat actor has defined.</p> <table border="1" cellspacing="0" cellpadding="0" width="100%"> <tbody><tr><td><p>Message type</p> </td> <td width="312" valign="top"><p>Details</p> </td> </tr><tr><td width="312" valign="top"><p>MSG_ADD_MODULE</p> </td> <td width="312" valign="top"><p>Add a new module</p> </td> </tr><tr><td width="312" valign="top"><p>MSG_GET_MODULE</p> </td> <td width="312" valign="top"><p>Get the module instance</p> </td> </tr><tr><td width="312" valign="top"><p>MSG_DEL_MODULE</p> </td> <td width="312" valign="top"><p>Delete module file under <DIR>/.android/.li/<module name></p> </td> </tr><tr><td width="312" valign="top"><p>MSG_DEL_APK</p> </td> <td width="312" valign="top"><p>Delete the APK file under the download directory</p> </td> </tr><tr><td width="312" valign="top"><p>MSG_START_MODULES</p> </td> <td width="312" valign="top"><p> </p> </td> </tr></tbody></table> <h5 style="text-align: center;">Table 2. Message types defined by the threat actor</h5> <p>In this version, MSG_COLLECT is no longer present — we think they replaced it with MSG_START_MODULES, a message used to read all module names from the shared preference, and start/initialise them one by one.<br /> </p> <p>We were not able to get access to these modules, but based on some of the code functionality that we observed, we believe that these modules are designed to collect data from the victim’s devices and write the collected data into a local SQLite db data file. However, we were not able to find any of these modules in the wild.</p> <p>There are also several other key differences between version 1 and version 2 of the trojan:</p> <ul> <li><span class="rte-red-bullet">The message Handler for heartbeat message in version 2 is now split into two messages: heartbeat and taken_config. Either of these messages can receive a response from the C&C server and decrypt the response to update the local configuration, similarly to the version 1.</span></li> <li><span class="rte-red-bullet">Version 2 uses different AES encryption keys: key("aaaanothingimpossiblebbb"), and AES IV("aaaanothingimpos")</span></li> <li><span class="rte-red-bullet">ScreenReceiver class is added to the second version of the trojan. The purpose of this Receiver is to start the malicious service via Screen_On and Screen_Off events.</span></li> <li><span class="rte-red-bullet">Version 2 has an ability to execute “su” command, if the device is rooted. The main usage of the root privilege here is that it could grant permissions silently. Such permissions include accessibility, notification and other. However, we did not find any evidence that the sample would attempt to root the device. </span></li> <li><span class="rte-red-bullet">Two components were added in version 2 for accessibility and notification.</span></li> <li><span class="rte-red-bullet">Version 2 uses SQLite to store collected data. Furthermore, it no longer uses ZIP.</span></li> <li><span class="rte-red-bullet">In Version 2, the extra modules used in “MSG_START_MODULES” are downloaded from the C&C server via either the heartbeat or taken_config message. It’s possible that these modules are decompressed as part of the response into <DIR>/.android/.li and consequentially executed.</span></li> </ul> <h1><span class="body-subhead-title">Conclusion<br /> </span></h1> <p>This investigation has provided evidence to attribute the Android malware sample, which was posted on the Syrian e-Gov website, to the StrongPity threat group. We were also able to identify additional Android trojan files and correlate these malicious Android applications with existing public reports based on their similarities to the threat actor’s TTPs and network infrastructure they used.</p> <p>Although there are no previously known malicious Android applications attributed to the StrongPity group, we strongly believe that the threat actor is in the process of actively developing new malicious components that can be used to target Android platforms.</p> <p>We believe that the threat actor is exploring multiple ways of delivering the applications to potential victims, such as using fake apps and using compromised websites as watering holes to trick users into installing malicious applications. Typically, these websites would require its users to download the applications directly onto their devices. In order to do so, these users would be required to enable installation of the applications from “unknown sources” on their devices. This bypasses the “trust-chain” of the Android ecosystem and makes it easier for an attacker to deliver additional malicious components.</p> <h1><span class="body-subhead-title">Indicators of Compromise (IOCs)</span></h1> <h2><span class="body-subhead-title"><span class="rte-sub-menu-text">Files</span></span></h2> <table border="1" cellspacing="0" cellpadding="0" width="100%"> <tbody><tr><td><p><b>SHA256</b></p> </td> <td width="106" valign="top"><p><b>Description</b></p> </td> <td width="15" valign="top"><p><b>Detection</b></p> </td> </tr><tr><td width="498" valign="top"><p>fd1aac87399ad22234c503d8adb2ae9f0d950b6edf4456b1515a30100b5656a7</p> <p> </p> <p> </p> </td> <td width="106" valign="top"><p>The trojanized version of the Syria eGov Application</p> </td> <td width="15" valign="top"><p>AndroidOS_StrongPity.HRX</p> </td> </tr><tr><td width="498" valign="top"><p>374d92f553c28e9dad1aa7f5d334a07dede1e5ad19c3766efde74290d0c49afb</p> </td> <td width="106" valign="top"><p>Sample repackaged from Kingoroot</p> </td> <td width="15" valign="top"><p>AndroidOS_StrongPity.HRX</p> </td> </tr><tr><td width="498" valign="top"><p>a9378a5469319faffc48f3aa70f5b352d5acb7d361c5177a9aac90d9c58bb628</p> <p> </p> <p> </p> <p> </p> </td> <td width="106" valign="top"><p>Sample repackaged from net.cybertik.wifi</p> </td> <td width="15" valign="top"><p>AndroidOS_StrongPity.HRX</p> </td> </tr><tr><td width="498" valign="top"><p>be9214a5804632004f7fd5b90fbac3e23f44bb7f0a252b8277dd7e9d8b8a52f3</p> </td> <td width="106" valign="top"><p>Repackaged from Snaptube</p> </td> <td width="15" valign="top"><p>AndroidOS_StrongPity.HRX</p> </td> </tr><tr><td width="498" valign="top"><p>596257ef017b02ba6961869d78a2317500a45f00c76682a22bbdbd3391857b5d</p> </td> <td width="106" valign="top"><p>Repackaged from Snaptube</p> </td> <td width="15" valign="top"><p>AndroidOS_StrongPity.HRX</p> </td> </tr><tr><td width="498" valign="top"><p>75dc2829abb951ff970debfba9f66d4d7c6b7c48a823a911dd5874f74ac63d7b</p> <p> </p> </td> <td width="106" valign="top"><p>Fake Samsung Security Service sample</p> </td> <td width="15" valign="top"><p>AndroidOS_StrongPity.HRX</p> </td> </tr></tbody></table> <h2><b data-rte-class="rte-temp"><span class="body-subhead-title"><br /> Network C&C Infrastructure</span></b></h2> <table border="1" cellspacing="0" cellpadding="0" width="100%"> <tbody><tr><td width="438" valign="top"><p><b>SHA256</b></p> </td> <td width="165" valign="top"><p><b>Domain</b></p> </td> <td width="15" valign="top"><p><b>Detection</b></p> </td> </tr><tr><td width="438" valign="top"><p>fd1aac87399ad22234c503d8adb2ae9f0d950b6edf4456b1515a30100b5656a7</p> </td> <td width="165" valign="top"><p>Internetwideband[.]com</p> </td> <td width="15" valign="top"><p>AndroidOS_StrongPity.HRX</p> </td> </tr><tr><td width="438" valign="top"><p>374d92f553c28e9dad1aa7f5d334a07dede1e5ad19c3766efde74290d0c49afb</p> </td> <td width="165" valign="top"><p>upeg-system-app[.]com</p> </td> <td width="15" valign="top"><p>AndroidOS_StrongPity.HRX</p> </td> </tr><tr><td width="438" valign="top"><p>a9378a5469319faffc48f3aa70f5b352d5acb7d361c5177a9aac90d9c58bb628</p> <p> </p> <p> </p> <p> </p> </td> <td width="165" valign="top"><p>networktopologymaps[.]com</p> </td> <td width="15" valign="top"><p>AndroidOS_StrongPity.HRX</p> </td> </tr><tr><td width="438" valign="top"><p>be9214a5804632004f7fd5b90fbac3e23f44bb7f0a252b8277dd7e9d8b8a52f3</p> </td> <td width="165" valign="top"><p>networktopologymaps[.]com</p> </td> <td width="15" valign="top"><p>AndroidOS_StrongPity.HRX</p> </td> </tr><tr><td width="438" valign="top"><p>596257ef017b02ba6961869d78a2317500a45f00c76682a22bbdbd3391857b5d</p> </td> <td width="165" valign="top"><p>upeg-system-app[.]com</p> </td> <td width="15" valign="top"><p>AndroidOS_StrongPity.HRX</p> </td> </tr><tr><td width="438" valign="top"><p>75dc2829abb951ff970debfba9f66d4d7c6b7c48a823a911dd5874f74ac63d7b</p> <p> </p> </td> <td width="165" valign="top"><p>upn-sec3-msd[.]com</p> </td> <td width="15" valign="top"><p>AndroidOS_StrongPity.HRX</p> </td> </tr></tbody></table> <p> </p> <p> </p> </div> </div> </div> <section class="tag--list"> <div class="tag--list-title">Tags</div> <div class="tag--list-tags"> <a href="/en_za/research.html?category=trend-micro-research:threats/apt-and-targeted-attacks" class="tag--list-anchor">APT & Targeted Attacks</a> <span class="tag--list-separator" role="separator">|</span> <a href="/en_za/research.html?category=trend-micro-research:article-type/research" class="tag--list-anchor">Research</a> <span class="tag--list-separator" role="separator">|</span> <a href="/en_za/research.html?category=trend-micro-research:environments/mobile" class="tag--list-anchor">Mobile</a> <span class="tag--list-separator" role="separator">|</span> <a href="/en_za/research.html?category=trend-micro-research:medium/article" class="tag--list-anchor">Articles, News, Reports</a> </div> </section> </main> <sidebar class="sidebar--left col-xs-12 col-lg-2 col-lg-pull-8"> <h3 class="article-authors__title"> Authors </h3>  <ul class="article-authors__list"> <li class="article-authors__list-items"> <div class="article-authors__wrapper" role="contentinfo authors profile"> <p class="article-authors__list-items__name">Zhengyu Dong</p> <p class="article-authors__list-items__position">Mobile Threats Analyst</p> </div> </li> <li class="article-authors__list-items"> <div class="article-authors__wrapper" role="contentinfo authors profile"> <p class="article-authors__list-items__name">Fyodor Yarochkin</p> <p class="article-authors__list-items__position">Sr. Threat Researcher</p> </div> </li> <li class="article-authors__list-items"> <div class="article-authors__wrapper" role="contentinfo authors profile"> <p class="article-authors__list-items__name">Steven Du</p> <p class="article-authors__list-items__position">Threats Analyst</p> </div> </li> </ul> <div class="article-authors__btn-wrapper" role="button"> <a class="article-authors__button " href="mailto:tm_research@trendmicro.com" target="target" id="article-authors-contact-us-button"> Contact Us </a> </div> <div class="article-authors__btn-wrapper subscribe-wrapper" role="button"> <a class="article-authors__button subscribe bs-modal" href="https://resources.trendmicro.com/subscription-za.html" data-modal-title="Subscribe" target="target"> Subscribe </a> </div> </sidebar> <sidebar class="sidebar--right col-xs-12 col-lg-2"> <div class="sidebar--wrapper" role="contentinfo sidebar"> <div class="row-1" role="contentinfo related articles"> <div class="related--articles" role="contentinfo related articles"> <h3 class="related--articles-title">Related Articles</h3> <ul class="related--articles-items"> <li class="related--articles-item"> <a class="related--articles-item-anchor" href="/en_za/research/24/k/earth-estries.html"> Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions </a> </li> <li class="related--articles-item"> <a class="related--articles-item-anchor" href="/en_za/research/24/k/return-of-anel-in-the-recent-earth-kasha-spearphishing-campaign.html"> Guess Who’s Back - The Return of ANEL in the Recent Earth Kasha Spear-phishing Campaign in 2024 </a> </li> <li class="related--articles-item"> <a class="related--articles-item-anchor" href="/en_za/research/22/d/proactive-cyber-risk-management-strategies.html"> Embracing a Risk-Based Cybersecurity Approach With ASRM </a> </li> </ul> </div> <div class="archived--link"> <div class="archived--link-text"> <a href="/en_za/research.html"> See all articles </a> </div> <div class="archived--link-icon"> <a href="/en_za/research.html"> <span class="icon-chevron-right"></span> </a> </div> </div> </div> </div> </sidebar> </article> </div></div> </div> </div> <div class="footer"> <div class="containerV1"><div class="footer_wrapper footer-wrapper"><div class="containerV1"> <div class="container-content"> <div class="responsiveColumnControlV1 section"> <div class="row global-margin-top-none global-padding-top-none global-padding-bottom-none global-margin-bottom-none" id="responsive-column-b94df97a-f225-457f-9f76-7548ae1b1827"> <div class="col-sm-12 col-xs-12 col-md-4 column"><div class="footer section"> <div class="createAccount"> <div class="containerV1 section"> <style> @media ( min-width: 1024px ){ #containerdd670dbc-89aa-43e7-a977-d6d4e1009c72, .containerdd670dbc-89aa-43e7-a977-d6d4e1009c72 { height: auto; background-repeat: no-repeat; background-size: cover; } } @media ( max-width: 1023px ) and ( min-width: 768px ){ #containerdd670dbc-89aa-43e7-a977-d6d4e1009c72, .containerdd670dbc-89aa-43e7-a977-d6d4e1009c72 { height: auto; background-repeat: no-repeat; background-size: cover; } } @media ( max-width: 767px ){ #containerdd670dbc-89aa-43e7-a977-d6d4e1009c72, .containerdd670dbc-89aa-43e7-a977-d6d4e1009c72 { height: auto; background-repeat: no-repeat; background-size: cover; } } </style> <div id="containerdd670dbc-89aa-43e7-a977-d6d4e1009c72" class="containerdd670dbc-89aa-43e7-a977-d6d4e1009c72 container-wrap gray-border global-margin-top-none global-margin-bottom-none global-padding-top-none global-padding-bottom-none rounded-corners-all-20 inner-container-width"> <section> <div class="container-content"> <div class="prod-content"><div class="gridContainerV1 section"> <style> /* MOBILE (Default) */ #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 { display: grid; gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 .hideOnMobile { display: none; } /* TABLET ($tablet-up: 768px) */ @media ( max-width: 1023px ) and ( min-width: 768px ) { #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 { gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 .hideOnMobile { display: block; } #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 .hideOnTablet { display: none; } } /* WIDE TABLET ($desktop-up: 1024px) */ @media ( max-width: 1199px ) and ( min-width: 1024px ) { #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 { gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 .hideOnMobile { display: block; } #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 .hideOnWideTablet { display: none; } } /* DESKTOP ($desktop-large-up: 1200px) */ @media ( max-width: 1599px ) and ( min-width: 1200px ) { #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 { gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 .hideOnMobile { display: block; } #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 .hideOnDesktop { display: none; } } /* WIDE DESKTOP ($desktop-xl-up: 1600px) */ @media ( min-width: 1600px ) { #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 { gap: 0px 0px; grid-template-columns: 1fr 6fr 1fr; } #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 .hideOnMobile { display: block; } #grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93 .hideOnWideDesktop { display: none; } } </style> <div class="gridAreas global-margin-top-none global-margin-bottom-none global-padding-top-none global-padding-bottom-none" id="grid-areas-79e1435d-edd7-4e4c-9812-474c3f335b93"> <div class="grid-spacing-footer-lft hideOnDesktop"> </div> <div class="grid-footer-callout "><div class="text primary-color-white section"> <div id="text-eae6c88737" class="cmp-text"> <p>Experience our unified platform for free</p> </div> </div> </div> <div class="grid-spacing-footer-rht hideOnDesktop"> </div> </div> </div> <div class="buttonArrayV1 section"> <ul class="button-array small center-align global-margin-top-none global-margin-bottom-none global-padding-top-none global-padding-bottom-none"> <li class="button-array-list"> <a class="button primary color-ffffff normal" id="footer-free-trial-b33de6" href="/en_za/business/products/trials.html"> Claim your 30-day trial </a> </li> </ul> </div> </div> </div> </section> </div> </div> <div class="footer section"> <ul class="social-media-links"> <li> <a href="https://www.linkedin.com/showcase/trend-micro-middle-east-and-africa/" class="social-icon linkedin" target="_blank" rel="noopener noreferrer"> <svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18"> <path id="LinkedIn" d="M8.8,10.3a1.5,1.5,0,0,1,1.5-1.5H25.295A1.5,1.5,0,0,1,26.8,10.3V25.294A1.5,1.5,0,0,1,25.3,26.8H10.3a1.5,1.5,0,0,1-1.5-1.5Zm7.125,5.359h2.437v1.224a2.793,2.793,0,0,1,2.6-1.337c2.593,0,3.207,1.4,3.207,3.973v4.763H21.55V20.109c0-1.465-.352-2.291-1.245-2.291-1.24,0-1.755.891-1.755,2.291v4.178H15.925Zm-4.5,8.512H14.05V15.55H11.425v8.624Zm3-11.437a1.688,1.688,0,1,1-.507-1.17A1.689,1.689,0,0,1,14.425,12.737Z" transform="translate(-8.8 -8.8)" fill="#020607" fill-rule="evenodd"/> </svg> </a> </li> <li> <a href="https://www.facebook.com/TrendMicroMMEA" class="social-icon facebook" target="_blank" rel="noopener noreferrer"> <svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18"> <path id="Facebook" d="M56.087,8.8A3.28,3.28,0,0,0,52.8,12.087V23.513A3.28,3.28,0,0,0,56.087,26.8H62.28V19.763H60.419V17.229H62.28V15.065c0-1.7,1.1-3.262,3.632-3.262a15.371,15.371,0,0,1,1.784.1l-.06,2.366s-.773-.007-1.617-.007c-.913,0-1.06.421-1.06,1.119v1.85h2.75l-.12,2.533h-2.63V26.8h2.554A3.28,3.28,0,0,0,70.8,23.513V12.087A3.28,3.28,0,0,0,67.513,8.8H56.087Z" transform="translate(-52.8 -8.8)" fill="#020607"/> </svg> </a> </li> <li> <a href="https://twitter.com/trendmicro_mea" class="social-icon twitter" target="_blank" rel="noopener noreferrer">  <svg xmlns="http://www.w3.org/2000/svg" width="19.57" height="20" viewBox="0 0 19.57 20"> <path id="x-logo" d="M11.647,8.469,18.932,0H17.206L10.88,7.353,5.827,0H0L7.64,11.119,0,20H1.726l6.68-7.765L13.743,20H19.57L11.646,8.469ZM9.282,11.217,8.508,10.11,2.349,1.3H5L9.971,8.41l.774,1.107,6.461,9.242H14.555L9.282,11.218Z"/> </svg>     </a> </li> <li> <a href="https://www.instagram.com/trendmicro/" class="social-icon instagram" target="_blank" rel="noopener noreferrer"> <svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 18 18"> <path id="Instagram" d="M146.09,8.854c.959-.044,1.265-.054,3.71-.054s2.751.011,3.71.054a6.631,6.631,0,0,1,2.186.418,4.607,4.607,0,0,1,2.631,2.632,6.641,6.641,0,0,1,.419,2.184c.044.961.054,1.267.054,3.711s-.011,2.751-.054,3.711a6.61,6.61,0,0,1-.419,2.184,4.6,4.6,0,0,1-2.631,2.632,6.626,6.626,0,0,1-2.185.419c-.96.044-1.266.054-3.711.054s-2.751-.011-3.71-.054a6.6,6.6,0,0,1-2.185-.419,4.595,4.595,0,0,1-2.633-2.631,6.643,6.643,0,0,1-.419-2.185c-.044-.961-.054-1.267-.054-3.711s.01-2.751.054-3.71a6.611,6.611,0,0,1,.419-2.186A4.611,4.611,0,0,1,143.9,9.272a6.65,6.65,0,0,1,2.185-.418Zm7.346,1.62c-.949-.043-1.234-.052-3.636-.052s-2.687.009-3.636.052a4.976,4.976,0,0,0-1.673.31,2.972,2.972,0,0,0-1.708,1.708,4.968,4.968,0,0,0-.31,1.671c-.044.949-.053,1.234-.053,3.637s.009,2.688.053,3.637a4.968,4.968,0,0,0,.31,1.671,2.972,2.972,0,0,0,1.708,1.708,4.976,4.976,0,0,0,1.673.31c.949.043,1.232.052,3.636.052s2.688-.009,3.636-.052a4.976,4.976,0,0,0,1.673-.31,2.972,2.972,0,0,0,1.708-1.708,4.968,4.968,0,0,0,.31-1.671c.043-.949.053-1.234.053-3.637s-.01-2.688-.053-3.637a4.968,4.968,0,0,0-.31-1.671,2.972,2.972,0,0,0-1.708-1.708A4.976,4.976,0,0,0,153.436,10.474Zm-4.786,10.1a3,3,0,1,0-1.075-.758A3,3,0,0,0,148.65,20.574Zm-2.121-6.046a4.626,4.626,0,1,1-1.355,3.271A4.634,4.634,0,0,1,146.529,14.529Zm8.924-.666a1.091,1.091,0,0,0,.25-.355,1.1,1.1,0,0,0,.093-.425,1.093,1.093,0,1,0-.343.78Z" transform="translate(-140.8 -8.8)" fill="#020607" fill-rule="evenodd"/> </svg> </a> </li> <li> <a href="https://www.youtube.com/user/TrendMicroAsia" class="social-icon youtube" target="_blank" rel="noopener noreferrer"> <svg xmlns="http://www.w3.org/2000/svg" width="24.003" height="16.01" viewBox="0 0 24.003 16.01"> <path id="YouTube" d="M205.9,12.112a2.78,2.78,0,0,0-.765-1.27A3.052,3.052,0,0,0,203.8,10.1c-1.877-.495-9.4-.495-9.4-.495a76.616,76.616,0,0,0-9.39.47,3.156,3.156,0,0,0-1.339.76,2.9,2.9,0,0,0-.777,1.276A29.133,29.133,0,0,0,182.4,17.6a29.058,29.058,0,0,0,.489,5.494,2.818,2.818,0,0,0,.775,1.269,3.094,3.094,0,0,0,1.341.743c1.9.494,9.39.494,9.39.494a76.8,76.8,0,0,0,9.4-.47,3.051,3.051,0,0,0,1.339-.742,2.785,2.785,0,0,0,.765-1.27,28.339,28.339,0,0,0,.5-5.495,26.534,26.534,0,0,0-.5-5.517ZM192,21.029V14.182l6.26,3.424Z" transform="translate(-182.4 -9.6)" fill="#020607"/> </svg> </a> </li> </ul> </div> </div> </div> </div> <div class="col-sm-12 col-xs-12 col-md-8 column"><div class="responsiveColumnControlV1 section"> <div class="row global-margin-top-none global-padding-top-none global-padding-bottom-none global-margin-bottom-none" id="responsive-column-e2395452-2bb9-4463-8447-c3c476cefb52"> <div class="col-sm-12 col-xs-12 col-md-4 column"> </div> <div class="col-sm-12 col-xs-12 col-md-4 column"> </div> <div class="col-sm-12 col-xs-12 col-md-4 column"> </div> </div> </div> <div class="gridContainerV1 section"> <style> /* MOBILE (Default) */ #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 { display: grid; gap: 10px 0px; grid-template-columns: 1fr; } #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 .hideOnMobile { display: none; } /* TABLET ($tablet-up: 768px) */ @media ( max-width: 1023px ) and ( min-width: 768px ) { #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 { gap: 10px 0px; grid-template-columns: 1fr; } #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 .hideOnMobile { display: block; } #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 .hideOnTablet { display: none; } } /* WIDE TABLET ($desktop-up: 1024px) */ @media ( max-width: 1199px ) and ( min-width: 1024px ) { #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 { gap: 0px 10px; grid-template-columns: 6fr 6fr 6fr 6fr; } #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 .hideOnMobile { display: block; } #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 .hideOnWideTablet { display: none; } } /* DESKTOP ($desktop-large-up: 1200px) */ @media ( max-width: 1599px ) and ( min-width: 1200px ) { #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 { gap: 0px 10px; grid-template-columns: 3fr 3fr 3fr 3fr; } #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 .hideOnMobile { display: block; } #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 .hideOnDesktop { display: none; } } /* WIDE DESKTOP ($desktop-xl-up: 1600px) */ @media ( min-width: 1600px ) { #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 { gap: 0px 10px; grid-template-columns: 3fr 3fr 3fr 4fr; } #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 .hideOnMobile { display: block; } #grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119 .hideOnWideDesktop { display: none; } } </style> <div class="gridAreas global-margin-top-none global-margin-bottom-none global-padding-top-none global-padding-bottom-none" id="grid-areas-c2e46132-3bbf-44a9-b4b8-9f89cc1f9119"> <div class="grid-resources-tab1 "><div class="footer section"> <div class="footerMenu"> <h3>Resources</h3> <ul> <li><a href="/en_za/research.html" target="_self" rel="noopener noreferrer">Blog</a></li> <li><a href="/en_za/about/newsroom.html" target="_self" rel="noopener noreferrer">Newsroom</a></li> <li><a href="https://www.trendmicro.com/vinfo/za-en/security/research-and-analysis/threat-reports" target="_self" rel="noopener noreferrer">Threat Reports</a></li> <li><a href="https://trendmicro.my.site.com/Gpartner/s/partner-locator?language=en_US" target="_blank" rel="noopener noreferrer">Find a Partner</a></li> <li><a target="_self" rel="noopener noreferrer"></a></li> <li><a target="_self" rel="noopener noreferrer"></a></li> </ul> </div> </div> </div> <div class="grid-support-tab1 "><div class="footer section"> <div class="footerMenu"> <h3>Support</h3> <ul> <li><a href="https://success.trendmicro.com/en-US/" target="_blank" rel="noopener noreferrer">Business Support Portal</a></li> <li><a href="/en_za/business/get-info-form.html" target="_self" rel="noopener noreferrer">Contact Us</a></li> <li><a href="/en_za/business/products/downloads.html" target="_self" rel="noopener noreferrer">Downloads</a></li> <li><a href="/en_za/business/products/trials.html" target="_self" rel="noopener noreferrer">Free Trials</a></li> <li><a target="_self" rel="noopener noreferrer"></a></li> <li><a target="_self" rel="noopener noreferrer"></a></li> </ul> </div> </div> </div> <div class="grid-about-tab1 "><div class="footer section"> <div class="footerMenu"> <h3>About Trend</h3> <ul> <li><a href="/en_za/about.html" target="_self" rel="noopener noreferrer">About Us</a></li> <li><a href="/en_za/about/careers.html" target="_self" rel="noopener noreferrer">Careers</a></li> <li><a href="/en_za/contact.html#tabs-8a7b2f-5" target="_self" rel="noopener noreferrer">Locations</a></li> <li><a href="/en_za/about/events.html" target="_self" rel="noopener noreferrer">Upcoming Events</a></li> <li><a href="/en_za/about/trust-center.html" target="_self" rel="noopener noreferrer">Trust Centre</a></li> <li><a target="_self" rel="noopener noreferrer"></a></li> </ul> </div> </div> </div> <div class="grid-address-tab1 "><div class="reference parbase section"><div class="cq-dd-paragraph"><div class="root responsivegrid"> <div class="aem-Grid aem-Grid--12 aem-Grid--default--12 "> <div class="containerV1 aem-GridColumn aem-GridColumn--default--12"> <style> @media ( min-width: 1024px ){ #containera8ff4952-916d-40fc-884d-a3db7a32c5e6, .containera8ff4952-916d-40fc-884d-a3db7a32c5e6 { height: auto; background-repeat: no-repeat; background-size: cover; } } @media ( max-width: 1023px ) and ( min-width: 768px ){ #containera8ff4952-916d-40fc-884d-a3db7a32c5e6, .containera8ff4952-916d-40fc-884d-a3db7a32c5e6 { height: auto; background-repeat: no-repeat; background-size: cover; } } @media ( max-width: 767px ){ #containera8ff4952-916d-40fc-884d-a3db7a32c5e6, .containera8ff4952-916d-40fc-884d-a3db7a32c5e6 { height: auto; background-repeat: no-repeat; background-size: cover; } } </style> <div id="containera8ff4952-916d-40fc-884d-a3db7a32c5e6" class="containera8ff4952-916d-40fc-884d-a3db7a32c5e6 container-wrap gray-border global-margin-top-none global-margin-bottom-none global-padding-top-x-small global-padding-bottom-none rounded-corners-off inner-container-width"> <section> <div class="container-content"> <div class="prod-content"><div class="text primary-color-lightestgray font-opensans font-size-18 section"> <div id="text-d0f7b8b7f2" class="cmp-text"> <p><b>Country Headquarters</b></p> </div> </div> <div class="text primary-color-lightgray font-interstate-extralight font-size-14 section"> <div id="text-3b652bef5a" class="cmp-text"> <p>Trend Micro - South Africa (ZA)</p> <p>Silverpoint Office Park<br /> Building 1, Ground Floor<br /> 22 Ealing Crescent<br /> Bryanston, 2191 South Africa</p> <p><b>Phone: +27 (0)11 012 3609</b></p> </div> </div> </div> </div> </section> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> <div class="responsiveColumnControlV1 section"> <div class="row global-margin-top-none global-padding-top-none global-padding-bottom-none global-margin-bottom-none" id="responsive-column-adf13ec7-fec7-4117-87e4-16bf740fdf39"> <div class="col-sm-12 col-xs-12 col-md-3 column"><div class="footer section"> <div class="country-selection"> <p>Select a country / region</p> <div class="dropup position-unset"> <button class="btn btn-default dropdown-toggle" type="button" id="countryMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <span class="stateSelect"></span> <span class="material-symbols-outlined"> expand_more</span> </button> <div class="row dropdown-menu" aria-labelledby="countryMenu"> <span class="material-symbols-outlined icon-close">close</span> <div class="coloumn col-xs-12 col-sm-6 col-md-2"> <h4>The Americas</h4> <ul> <li> <a href="/en_us.html">United States</a> </li> <li> <a href="/pt_br.html">Brasil</a> </li> <li> <a href="/en_ca.html">Canada</a> </li> <li> <a href="/es_mx.html">México</a> </li> </ul> </div> <div class="coloumn col-xs-12 col-sm-6 col-md-2"> <h4>Middle East & Africa</h4> <ul> <li> <a href="/en_za.html">South Africa</a> </li> <li> <a href="/en_ae.html">Middle East and North Africa</a> </li> </ul> </div> <div class="coloumn col-xs-12 col-sm-6 col-md-4"> <h4>Europe</h4> <ul> <li> <a href="/en_be.html">België (Belgium)</a> </li> <li> <a href="http://www.trendmicro.cz/">Česká Republika</a> </li> <li> <a href="/en_dk.html">Danmark</a> </li> <li> <a href="/de_de.html">Deutschland, Österreich Schweiz</a> </li> <li> <a href="/es_es.html">España</a> </li> <li> <a href="/fr_fr.html">France</a> </li> <li> <a href="/en_ie.html">Ireland</a> </li> <li> <a href="/it_it.html">Italia</a> </li> <li> <a href="/en_nl.html">Nederland</a> </li> <li> <a href="/en_no.html">Norge (Norway)</a> </li> <li> <a href="/pl_pl.html">Polska (Poland)</a> </li> <li> <a href="/en_fi.html">Suomi (Finland)</a> </li> <li> <a href="/en_se.html">Sverige (Sweden)</a> </li> <li> <a href="/tr_tr.html">Türkiye (Turkey)</a> </li> <li> <a href="/en_gb.html">United Kingdom</a> </li> </ul> </div> <div class="coloumn col-xs-12 col-sm-6 col-md-4"> <h4>Asia & Pacific</h4> <ul> <li> <a href="/en_au.html">Australia</a> </li> <li> <a href="/ru_ru.html">Центральная Азия (Central Asia)</a> </li> <li> <a href="/en_hk.html">Hong Kong (English)</a> </li> <li> <a href="/zh_hk.html">香港 (中文) (Hong Kong) </a> </li> <li> <a href="/en_in.html">भारत गणराज्य (India)</a> </li> <li> <a href="/in_id.html">Indonesia</a> </li> <li> <a href="/ja_jp.html">日本 (Japan)</a> </li> <li> <a href="/ko_kr/business.html">대한민국 (South Korea)</a> </li> <li> <a href="/en_my.html">Malaysia</a> </li> <li> <a href="/en_us.html">Монголия (Mongolia) and рузия (Georgia)</a> </li> <li> <a href="/en_nz.html">New Zealand</a> </li> <li> <a href="/en_ph.html">Philippines</a> </li> <li> <a href="/en_sg.html">Singapore</a> </li> <li> <a href="/zh_tw.html">台灣 (Taiwan)</a> </li> <li> <a href="/th_th.html"> ประเทศไทย (Thailand)</a> </li> <li> <a href="/vi_vn.html">Việt Nam</a> </li> </ul> </div> </div> </div> </div> </div> </div> <div class="col-sm-12 col-xs-12 col-md-9 column"><div class="horizontalSeparatorV1 section"> <style> .horizontalSeparator-87ad3dae-de73-4c4c-80b2-cd5cf6afa2d1.border { border-bottom: 1px solid #bcbdc0; } </style> <div id="horizontalV1-87ad3dae-de73-4c4c-80b2-cd5cf6afa2d1" class="global-margin-top- global-margin-bottom-default global-padding-top-default global-padding-bottom- border horizontalSeparator-87ad3dae-de73-4c4c-80b2-cd5cf6afa2d1"> </div> </div> <div class="responsiveColumnControlV1 section"> <div class="row global-margin-top-none global-padding-top-none global-padding-bottom-none global-margin-bottom-none" id="responsive-column-1bd58bfe-9b99-4f50-9520-fe48ab1e81e0"> <div class="col-sm-12 col-xs-12 col-md-6 column"><div class="text primary-color-white font-interstate-light font-size-14 section"> <div id="privacyLink" class="cmp-text"> <p><a title="privacy" href="/en_za/about/trust-center/privacy.html">Privacy</a> <b>|</b> <a title="Legal" href="/en_za/about/legal.html">Legal</a> <b>|</b> <a title="Accessibility" href="/en_za/about/legal/accessibility-policy.html">Accessibility</a> <b>|</b> <a href="/en_za/about/legal/terms-of-use.html">Terms of Use</a> <b>|</b> <a title="Site map" href="/en_za/business/sitemap.html">Site map</a></p> </div> </div> </div> <div class="col-sm-12 col-xs-12 col-md-6 column"><div class="gridContainerV1 section"> <style> /* MOBILE (Default) */ #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 { display: grid; gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 .hideOnMobile { display: none; } /* TABLET ($tablet-up: 768px) */ @media ( max-width: 1023px ) and ( min-width: 768px ) { #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 { gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 .hideOnMobile { display: block; } #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 .hideOnTablet { display: none; } } /* WIDE TABLET ($desktop-up: 1024px) */ @media ( max-width: 1199px ) and ( min-width: 1024px ) { #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 { gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 .hideOnMobile { display: block; } #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 .hideOnWideTablet { display: none; } } /* DESKTOP ($desktop-large-up: 1200px) */ @media ( max-width: 1599px ) and ( min-width: 1200px ) { #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 { gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 .hideOnMobile { display: block; } #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 .hideOnDesktop { display: none; } } /* WIDE DESKTOP ($desktop-xl-up: 1600px) */ @media ( min-width: 1600px ) { #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 { gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 .hideOnMobile { display: block; } #grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798 .hideOnWideDesktop { display: none; } } </style> <div class="gridAreas global-margin-top-none global-margin-bottom-none global-padding-top-none global-padding-bottom-none" id="grid-areas-4b3a0ca4-1a59-4f4c-9efe-a28ff9b8c798"> <div class="grid-hide-4-mobile-footer hideOnTablet hideOnMobile"><div class="text primary-color-white font-interstate-light font-size-14 section"> <div id="copyText" class="cmp-text"> <p style="text-align: right;">Copyright ©2024 Trend Micro Incorporated. All rights reserved</p> </div> </div> </div> </div> </div> <div class="gridContainerV1 section"> <style> /* MOBILE (Default) */ #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 { display: grid; gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 .hideOnMobile { display: none; } /* TABLET ($tablet-up: 768px) */ @media ( max-width: 1023px ) and ( min-width: 768px ) { #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 { gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 .hideOnMobile { display: block; } #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 .hideOnTablet { display: none; } } /* WIDE TABLET ($desktop-up: 1024px) */ @media ( max-width: 1199px ) and ( min-width: 1024px ) { #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 { gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 .hideOnMobile { display: block; } #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 .hideOnWideTablet { display: none; } } /* DESKTOP ($desktop-large-up: 1200px) */ @media ( max-width: 1599px ) and ( min-width: 1200px ) { #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 { gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 .hideOnMobile { display: block; } #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 .hideOnDesktop { display: none; } } /* WIDE DESKTOP ($desktop-xl-up: 1600px) */ @media ( min-width: 1600px ) { #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 { gap: 0px 0px; grid-template-columns: 1fr; } #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 .hideOnMobile { display: block; } #grid-areas-c041e459-2d39-4b27-bacf-d105e2788445 .hideOnWideDesktop { display: none; } } </style> <div class="gridAreas global-margin-top-none global-margin-bottom-none global-padding-top-none global-padding-bottom-none" id="grid-areas-c041e459-2d39-4b27-bacf-d105e2788445"> <div class="grid-hide-4-desktop-footer hideOnWideDesktop hideOnDesktop hideOnWideTablet"><div class="text primary-color-white font-interstate-light font-size-14 section"> <div id="copyText" class="cmp-text"> <p style="text-align: left;">Copyright ©2024 Trend Micro Incorporated. All rights reserved</p> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> <script src="/etc.clientlibs/clientlibs/granite/jquery.min.js"></script> <script src="/etc.clientlibs/clientlibs/granite/utils.min.js"></script> <script src="/etc.clientlibs/clientlibs/granite/jquery/granite.min.js"></script> <script src="/etc.clientlibs/trendmicro/editableTemplateComponents/content/footer/v1/footer/clientLibs.min.js"></script> </div> </div></div>  <script src="https://www.trendmicro.com/content/dam/trendmicro/global/core-library/sly.min.js"></script> <script src="https://www.trendmicro.com/content/dam/trendmicro/global/core-library/jwplayer.js"></script> <script type="text/javascript" src="https://www.youtube.com/iframe_api"></script> <script src="/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.js"></script> <script src="/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/header-footer.min.js"></script>  <div class="modal-wrap"></div> <div class="jwPlayerString hidden"> <span>sXpIBdPeKzI9PC2p0SWMpUSM2NSxWzPyXTMLlbXmYa0R20xk</span> </div>  </body> </html>