| ID | Votes | Profile Description |
|---|---|---|
| Emissary Panda | 7 | Emissary Panda, also known as APT27, Iron Tiger, Bronze Union, Lucky Mouse, and Budworm, is a notable threat actor linked to China. This group has been engaged in the theft of intellectual property from organizations in sectors that China perceives as being of vital strategic interest. The group has |
| Iron Tiger | 4 | Iron Tiger, also known as Iron Taurus or APT27, is a threat actor group known for executing malicious actions with the intent of espionage. The group became prominent after its involvement in Operation Iron Tiger, which was reported in 2015. This operation was a series of Chinese cyber-espionage att |
| LuckyMouse | 4 | LuckyMouse, also known as Budworm, Emissary Panda, and APT27, is a threat actor that has been involved in several high-profile cyber-espionage activities. The group has demonstrated its ability to develop and deploy advanced cyber tools, targeting various operating systems including MacOS, Linux, an |
| Lucky Mouse | 3 | Lucky Mouse, also known as Emissary Panda, APT27, Threat Group 3390, Bronze Union, and several other names, is a malicious software (malware) attributed to a China-linked Advanced Persistent Threat (APT) group. This malware has been active since at least 2013, targeting various industry verticals fo |
| SysUpdate | 3 | SysUpdate is a malicious software variant that has been exclusively used by Budworm, also known as APT27, Emissary Panda, Bronze Union, Lucky Mouse, Iron Tiger, and Red Phoenix. In December 2020, a sample of the SysUpdate malware variant was found, with its payload being a new version of SysUpdate. |
| BRONZE UNION | 2 | Bronze Union, also known as APT27, Emissary Panda, Lucky Mouse, Iron Tiger, and Red Phoenix, is a threat actor with alleged connections to the Chinese government. The group has been observed targeting organizations across Europe, North and South America, Africa, the Middle East, and the Asia-Pacific |
| Budworm | 2 | Budworm, also known as LuckyMouse or APT 27, is a threat actor that has been associated with various high-profile cyber attacks. This group has been found to utilize tools such as the Korplug backdoor, which is commonly used by multiple Advanced Persistent Threats (APTs) including Budworm and APT41, |
| Iron Taurus | 2 | Iron Taurus, also known as APT27, is a malware that has been linked to various cyber-espionage activities. This malicious software is designed to infiltrate systems surreptitiously through suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrupt operatio |
| Cobra Docguard | 2 | Cobra DocGuard, a software produced by Chinese firm EsafeNet for protecting, encrypting, and decrypting software, has been exploited in a series of malware attacks. The attackers compromised the software's update files to deliver malicious updates that infected targeted systems. The first known inst |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Cobra | Unspecified | 2 | Cobra is a type of malware, short for malicious software, designed to exploit and damage computer systems or devices. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Cobra has the potential to steal personal information, disrup |
| Stately Taurus | Unspecified | 2 | Stately Taurus is a sophisticated malware associated with a Chinese Advanced Persistent Threat (APT) group that conducts cyberespionage campaigns. This group has been observed targeting government entities, as well as religious and non-governmental organizations across Europe and Asia. The malware i |
| PlugY | Unspecified | 2 | PlugY is a newly identified malware that has been deployed by cyber attackers to infiltrate systems and cause significant damage. This malicious software, known for its capacity to exploit and harm computer systems, can enter a system through suspicious downloads, emails, or websites, often unbeknow |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| APT31 | Unspecified | 4 | APT31, also known as Zirconium, is a threat actor group linked to the Chinese government that has been implicated in numerous cyber espionage activities. One of their most notable exploits was the cloning of the Equation Group's exploit, EpMe (CVE-2017-0005). This exploit was initially discovered du |
| Mustang Panda | Unspecified | 4 | Mustang Panda, also known as Bronze President, Nomad Panda, Naikon, Earth Preta, and Stately Taurus, is a Chinese-aligned threat actor that has been associated with widespread attacks against various countries in the Asia-Pacific region. The group's malicious activities were first traced back to Mar |
| Ke3chang | Unspecified | 2 | Ke3chang, also known as APT15, Mirage, Vixen Panda GREF, and Playful Dragon, is a prominent threat actor that has been active since at least 2010. According to the European Union Agency for Cybersecurity (ENISA), this group has consistently targeted energy, government, and military sectors. Ke3chang |
| APT30 | Unspecified | 2 | APT30, a threat actor suspected to be attributed to China, has been active since at least 2005. This group primarily targets members of the Association of Southeast Asian Nations (ASEAN). APT30 is notable for its sustained activity over an extended period and its ability to adapt and modify source c |
| GALLIUM | Unspecified | 2 | Gallium, also known as Alloy Taurus, is a China-aligned threat actor known for executing actions with malicious intent in the cyber domain. In recent years, Gallium has been associated with various significant cyber-espionage campaigns. The group targeted telecommunication entities in the Middle Eas |
| Preview | Source Link | CreatedAt | Title |
|---|---|---|---|
| DARKReading | 24 days ago | 'EastWind' Cyber Spy Campaign Combines Various Chinese APT Tools | |
| Securelist | 24 days ago | EastWind campaign distributes CloudSorcerer and two APT tools | |
| Securityaffairs | a month ago | EastWind campaign targets Russian organizations with sophisticated backdoors | |
| Securityaffairs | 3 months ago | Velvet Ant uses F5 BIG-IP malware in cyber espionage campaign | |
| BankInfoSecurity | 3 months ago | Active Chinese Cyberespionage Campaign Rifling Email Servers | |
| Unit42 | 3 months ago | Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia | |
| CERT-EU | a year ago | Multiple Chinese APTs are attacking European targets, EU cyber agency warns | #ukscams | #datingscams | #european | #datingscams | #love | #relationships | #scams | #pof | #match.com | #dating | National Cyber Security Consulting | |
| CERT-EU | a year ago | China-based spies are hacking East Asian semiconductor companies, report says | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | |
| CERT-EU | a year ago | Semiconductor firms targeted by Chinese hackers | |
| CERT-EU | a year ago | China-linked cyberspies backdoor semiconductor firms with Cobalt Strike | |
| CERT-EU | a year ago | Budworm: APT Group Uses Updated Custom Tool in Attacks on Government and Telecoms Org - Cyber Security Review | |
| CERT-EU | a year ago | DDoS attack hits Russian flight booking system claimed by Ukrainian hackers | |
| CERT-EU | a year ago | Asian government, telco targeted by Chinese APT | |
| CERT-EU | a year ago | Cyber Security Week in Review: September 29, 2023 | |
| InfoSecurity-magazine | a year ago | Budworm APT Evolves Toolset, Targets Telecoms and Government | |
| CERT-EU | a year ago | Budworm hackers target telcos and govt orgs with custom malware | |
| CERT-EU | a year ago | My Tea's not cold : an overview of China's cyber threat – Global Security Mag Online | |
| BankInfoSecurity | a year ago | Threat Actor Targets Hong Kong With Korplug Backdoor | |
| CERT-EU | a year ago | Novel Carderbee supply chain attack impacts Asian organizations | |
| Securityaffairs | a year ago | Carderbee APT targets Hong Kong orgs via supply chain attacks |