ESET researchers found that the Tick cyberespionage group compromised an East Asian Data-Loss Prevention (DLP) company in 2021 and used a wide range of tools in similar attacks. In one of its campaigns, it used a tampered version of a legitimate app called Q-Dir to drop an open-source VBScript backdoor named ReVBShell.