| ID | Votes | Profile Description |
|---|---|---|
| Taurus | 3 | Taurus is a malicious software (malware) that has been associated with multiple cyber threat actors, notably Stately Taurus, Iron Taurus, and Starchy Taurus, all of which have connections to Chinese Advanced Persistent Threats (APTs). The malware is designed to infiltrate systems and steal personal |
| GALLIUM | 3 | Gallium, also known as Alloy Taurus, is a China-aligned threat actor known for executing actions with malicious intent in the cyber domain. In recent years, Gallium has been associated with various significant cyber-espionage campaigns. The group targeted telecommunication entities in the Middle Eas |
| Sword2033 | 2 | Sword2033 is a new and previously undocumented backdoor tool used by the China-linked threat actor known as Alloy Taurus. This group, also referred to as GALLIUM or Softcell, has been actively targeting Linux systems with a variant of the PingPull backdoor, while also deploying Sword2033 in their op |
| Stately Taurus | 2 | Stately Taurus, also known as Mustang Panda, Bronze President, Red Delta, LuminousMoth, Earth Preta, and Camaro Dragon, is a potent malware linked to Chinese Advanced Persistent Threat (APT) activities. The first signs of its operation date back to at least 2012, with notable activity traced to Marc |
| Gelsemium | 2 | Gelsemium is a sophisticated malware associated with Advanced Persistent Threat (APT) activities. It is known for its stealthy operations and the use of server-side exploits to deploy a web shell and multiple custom tools on targeted systems. The malware has been used in cyber-attacks against variou |
| Softcell | 1 | Softcell is a recognized threat actor, also known as GALLIUM, that has gained notoriety for its targeted cyber attacks on telecommunications companies operating in Southeast Asia, Europe, and Africa. This group's activities have been meticulously tracked and documented by cybersecurity professionals |
| Granite Typhoon | 1 | Granite Typhoon is a notable malware that has been implicated in several cyber-attacks on various organizations and entities. The malware, which operates by infiltrating systems through suspicious downloads, emails, or websites, has been linked to attacks on telecommunications firms in 2023, an oper |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| PingPull | Unspecified | 4 | PingPull is a malicious software (malware) developed by the Chinese nation-state group known as Alloy Taurus, also referred to as Gallium. The malware is designed to exploit and damage computer systems, with capabilities such as stealing personal information, disrupting operations, or holding data h |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Daggerfly | Unspecified | 1 | DaggerFly, also known as Evasive Panda and Bronze Highland, is a Chinese-speaking Advanced Persistent Threat (APT) group that has been active since 2012. The group is known for its cyberespionage activities targeting individuals in mainland China, Hong Kong, Macao, and Nigeria. In addition to these |
| APT10 | Unspecified | 1 | APT10, also known as the Menupass Team, is a threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS). The group has been active since 2009 and is suspected to be based in Tianjin, China, according to research by IntrusionTruth in 2018. APT10 has primarily targeted |
| APT41 | Unspecified | 1 | APT41, also known as Winnti, Wicked Panda, and Wicked Spider, is a sophisticated threat actor attributed to China. This group has been active since at least 2012, targeting organizations across 14 countries. The group is known for its extensive use of various code families and tools, with at least 4 |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
No associations to display |
| Source | CreatedAt | Title |
|---|---|---|
| InfoSecurity-magazine | 9 months ago | North Korean Hackers Target macOS Crypto Engineers With Kandykorn |
| InfoSecurity-magazine | 10 months ago | Sophisticated APT Clusters Target Southeast Asia |
| CERT-EU | 10 months ago | New Report Uncovers 3 Distinct Clusters of China-Nexus Attacks on Southeast Asian Government |
| Unit42 | 10 months ago | Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus |
| Unit42 | 10 months ago | Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda |
| Unit42 | 10 months ago | Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government |
| Unit42 | 10 months ago | Unit 42 Researchers Discover Multiple Espionage Operations Targeting Southeast Asian Government |
| CERT-EU | 10 months ago | My Tea's not cold : an overview of China's cyber threat – Global Security Mag Online |
| Unit42 | a year ago | Chinese Alloy Taurus Updates PingPull Malware |
| CERT-EU | a year ago | Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks |
| CERT-EU | a year ago | Chinese APT group Alloy Taurus unleashes new Linux variant of PingPull malware |
| CERT-EU | a year ago | Новый бэкдор Sword2033 выдаёт китайские хакерские атаки за действия южноафриканских военных |
| CERT-EU | a year ago | State-purchased spyware prevalent |
| CERT-EU | a year ago | New Linux malware variants leveraged in Chinese cyberespionage campaign |
| Securityaffairs | a year ago | Alloy Taurus APT uses a Linux variant of PingPull malware |
| CERT-EU | a year ago | Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks - GIXtools |
| CERT-EU | a year ago | Traffic to South African military websites from Linux server? Infection symptom of PingPull malware |
| CERT-EU | a year ago | China-linked Alloy Taurus APT uses a Linux variant of PingPull malware | IT Security News |
| CERT-EU | a year ago | Chinese APT Alloy Taurus Is Back - Linux Variant of PingPull Malware Is Active |
| CERT-EU | a year ago | Cyber security week in review: April 28, 2023 |