Alias Description | Votes |
---|---|
ZIRCONIUM is a possible alias for APT31. Zirconium, also known as APT31, Judgment Panda, and Red Keres, is a threat actor linked to numerous cyber espionage operations. The group came into the spotlight in 2022 when the Check Point Research team discovered that it had used a tool called "Jian," a clone of the NSA Equation Group's hacking t | 6 |
Judgment Panda is a possible alias for APT31. Judgment Panda, also known as APT31, Zirconium, Violet Typhoon, and Red Keres, is a threat actor believed to be linked to the Chinese nation-state. This group has been active since at least 2016 and has been involved in multiple cyber espionage operations. The group gained significant attention in 2 | 5 |
Jian is a possible alias for APT31. Jian, a cyber espionage tool used by the China-linked APT31 group (also known as Zirconium, Judgment Panda, and Red Keres), has been implicated in multiple cyber espionage operations. The tool was first brought to public attention in 2022 when it was discovered by the Check Point Research team. Nota | 2 |
Violet Typhoon is a possible alias for APT31. Violet Typhoon, also known as APT31, Judgment Panda, and formerly Zirconium, is a threat actor believed to be aligned with the Chinese nation-state. This group, active since at least 2017, is known for executing advanced persistent threats with minimal overlaps with other Beijing-aligned groups such | 2 |
Bronze Vinewood is a possible alias for APT31. BRONZE VINEWOOD, also known as APT31, is a cyberespionage group believed to be of Chinese origin. This threat actor has been active in targeting various sectors in the United States, specifically the legal sector in 2017 and government and defense supply chain networks in 2018. The Secureworks® Coun | 2 |
Eastwind is a possible alias for APT31. Eastwind is a threat actor that has been under investigation by Kaspersky researchers due to its malicious activities. The campaign, dubbed "EastWind", was discovered during an investigation into devices infected via phishing emails containing malicious shortcut attachments. This threat actor has be | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The GrewApacha Malware is associated with APT31. GrewApacha is a Remote Access Trojan (RAT) that has been used by Advanced Persistent Threat group 31 (APT31), also known as EastWind, since 2021. It is a type of malware designed to infiltrate systems undetected, enabling the attacker to control the infected device remotely. The GrewApacha Trojan ca | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The APT27 Threat Actor is associated with APT31. APT27, also known as Emissary Panda, is a threat actor group suspected to be affiliated with China. The group's primary objective is the theft of intellectual property, focusing on data and projects that make organizations competitive within their respective fields. APT27 has targeted multiple organ | Unspecified | 4 |
The Mustang Panda Threat Actor is associated with APT31. Mustang Panda, a China-aligned Advanced Persistent Threat (APT) group, has been identified as a significant cyber threat actor involved in a series of malicious activities. Notably, Mustang Panda was found to be associated with the BRONZE PRESIDENT phishing lure, which delivered PlugX and used modif | Unspecified | 2 |
The GALLIUM Threat Actor is associated with APT31. Gallium, also known as Alloy Taurus, is a China-aligned threat actor known for executing actions with malicious intent in the cyber domain. In recent years, Gallium has been associated with various significant cyber-espionage campaigns. The group targeted telecommunication entities in the Middle Eas | Unspecified | 2 |
The Red Keres Threat Actor is associated with APT31. | Unspecified | 2 |
The Equation Group Threat Actor is associated with APT31. The Equation Group is a threat actor, believed to have ties to the United States, that has been involved in numerous cyber espionage operations. The group's favorite vulnerabilities include CVE-2017-0144, a Windows server message block code execution vulnerability that was leaked by another group kn | Unspecified | 2 |
The CloudSorcerer Threat Actor is associated with APT31. CloudSorcerer, a threat actor identified by Kaspersky, has been actively targeting Russian government entities using sophisticated cyber espionage tools. The group uses cloud services for command and control (C2), similar to the modus operandi of the CloudWizard actor. In addition to launching the G | Unspecified | 2 |
The Ke3chang Threat Actor is associated with APT31. Ke3chang, also known as APT15, Mirage, Vixen Panda, GREF, and Playful Dragon, is a prominent threat actor that has been active since at least 2010. According to the European Union Agency for Cybersecurity (ENISA), this group has consistently targeted energy, government, and military sectors. Ke3chang | Unspecified | 2 |
The APT30 Threat Actor is associated with APT31. APT30, a threat actor suspected to be attributed to China, has been active since at least 2005. This group primarily targets members of the Association of Southeast Asian Nations (ASEAN). APT30 is notable for its sustained activity over an extended period and its ability to adapt and modify source c | Unspecified | 2 |
The Shadow Brokers Threat Actor is associated with APT31. The Shadow Brokers, a threat actor group, has been involved in several high-profile cybersecurity incidents. They first came into the limelight in August 2016 when they leaked tools believed to be from the Equation Group, an Advanced Persistent Threat (APT) group associated with the U.S. National Se | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The EpMe Vulnerability is associated with APT31. EpMe is a software vulnerability (CVE-2017-0005) that was first discovered within the Equation Group's exploit arsenal, with its existence traced back to at least 2013. The Equation Group, believed to be linked to the NSA, developed this exploit as part of their cyber toolset which also included Dan | Unspecified | 2 |
Source | Created At |
---|---|
Securelist | 12 days ago |
Securelist | 15 days ago |
BankInfoSecurity | 21 days ago |
DARKReading | 2 months ago |
Securelist | 2 months ago |
Securityaffairs | 3 months ago |
BankInfoSecurity | 6 months ago |
BankInfoSecurity | 6 months ago |
BankInfoSecurity | 7 months ago |
Checkpoint | 7 months ago |
BankInfoSecurity | 7 months ago |
Securityaffairs | 7 months ago |
BankInfoSecurity | 7 months ago |
Securityaffairs | 7 months ago |
Securityaffairs | 7 months ago |
Flashpoint | 7 months ago |
DARKReading | 7 months ago |
BankInfoSecurity | 7 months ago |
InfoSecurity-magazine | 7 months ago |
CERT-EU | 8 months ago |