| Alias Description | Votes |
|---|---|
| ZIRCONIUM is a possible alias for APT31. Zirconium, also known as APT31, Judgment Panda, and Red Keres, is a threat actor linked to numerous cyber espionage operations. The group came into the spotlight in 2022 when the Check Point Research team discovered that it had used a tool called "Jian," a clone of the NSA Equation Group's hacking t | 6 |
| Judgment Panda is a possible alias for APT31. Judgment Panda, also known as APT31, Zirconium, Violet Typhoon, and Red Keres, is a threat actor believed to be linked to the Chinese nation-state. This group has been active since at least 2016 and has been involved in multiple cyber espionage operations. The group gained significant attention in 2 | 5 |
| Volt Typhoon is a possible alias for APT31. Volt Typhoon, a cyberespionage cluster sponsored by China, has emerged as a significant threat actor in the cybersecurity landscape. Known for its strong operational security and obfuscation of malware, Volt Typhoon is both a resilient botnet and a warning signal of potential critical infrastructure | 3 |
| Bronze Vinewood is a possible alias for APT31. BRONZE VINEWOOD, also known as APT31, is a cyberespionage group believed to be of Chinese origin. This threat actor has been active in targeting various sectors in the United States, specifically the legal sector in 2017 and government and defense supply chain networks in 2018. The Secureworks® Coun | 2 |
| Cloudsorcerer is a possible alias for APT31. CloudSorcerer, a threat actor group known for its malicious activities, has been identified by Kaspersky as the entity behind a new EastWind campaign targeting Russian organizations. The group updated their CloudSorcerer backdoor after it was initially described in a blog post by Kaspersky in early | 2 |
| Eastwind is a possible alias for APT31. EastWind is a threat actor identified by cybersecurity firm Kaspersky, known for executing actions with malicious intent. The group has recently launched a new campaign targeting Russian organizations, utilizing tools such as CloudSorcerer, APT31, and APT27. This campaign, dubbed "EastWind" by Kaspe | 2 |
| Grewapacha is a possible alias for APT31. GrewApacha is a Remote Access Trojan (RAT) that has been used by Advanced Persistent Threat group 31 (APT31), also known as EastWind, since 2021. It is a type of malware designed to infiltrate systems undetected, enabling the attacker to control the infected device remotely. The GrewApacha Trojan ca | 2 |
| jian is a possible alias for APT31. Jian, a cyber espionage tool used by the China-linked APT31 group (also known as Zirconium, Judgment Panda, and Red Keres), has been implicated in multiple cyber espionage operations. The tool was first brought to public attention in 2022 when it was discovered by the Check Point Research team. Nota | 2 |
| Violet Typhoon is a possible alias for APT31. Violet Typhoon, also known as APT31, Judgment Panda, and formerly Zirconium, is a threat actor believed to be aligned with the Chinese nation-state. This group, active since at least 2017, is known for executing advanced persistent threats with minimal overlaps with other Beijing-aligned groups such | 2 |
| Alias Description | Association Type | Votes |
|---|---|---|
| The APT27 Threat Actor is associated with APT31. APT27, also known as Emissary Panda or Iron Taurus, is a threat actor suspected to be associated with China and has been involved in cyber operations primarily aimed at intellectual property theft. The group targets organizations globally, including those in North and South America, Europe, and the | Unspecified | 4 |
| The APT41 Threat Actor is associated with APT31. APT41, also known as Winnti, is a threat actor suspected to be originating from China, with its activities dating back to as early as 2012. It has targeted organizations in at least 14 countries and has been associated with the use of at least 46 different code families and tools. The group's activi | Unspecified | 3 |
| The Equation Group Threat Actor is associated with APT31. The Equation Group is a threat actor, believed to have ties to the United States, that has been involved in numerous cyber espionage operations. The group's favorite vulnerabilities include CVE-2017-0144, a Windows server message block code execution vulnerability that was leaked by another group kn | Unspecified | 2 |
| The Shadow Brokers Threat Actor is associated with APT31. The Shadow Brokers, a threat actor group, has been involved in several high-profile cybersecurity incidents. They first came into the limelight in August 2016 when they leaked tools believed to be from the Equation Group, an Advanced Persistent Threat (APT) group associated with the U.S. National Se | Unspecified | 2 |
| The Winnti Threat Actor is associated with APT31. Winnti is a threat actor group known for its malicious activities, primarily originating from Chinese Advanced Persistent Threat (APT) operational infrastructure. The group, which has been active since at least 2007, was first spotted by Kaspersky in 2013. It is associated with several aliases such | Unspecified | 2 |
| The threatActor Red Keres is associated with APT31. | Unspecified | 2 |
| The GALLIUM Threat Actor is associated with APT31. Gallium, also known as Alloy Taurus, is a threat actor group that has been associated with significant cyber-espionage campaigns and is believed to have ties with China. The group has been linked to multiple intrusion sets targeting network devices, including routers and servers. Gallium notably tar | Unspecified | 2 |
| The Mustang Panda Threat Actor is associated with APT31. Mustang Panda, a China-aligned Advanced Persistent Threat (APT) group, has been identified as a significant cyber threat actor involved in a series of malicious activities. Notably, Mustang Panda was found to be associated with the BRONZE PRESIDENT phishing lure, which delivered PlugX and used modif | Unspecified | 2 |
| The Ke3chang Threat Actor is associated with APT31. Ke3chang, also known as APT15, Mirage, Vixen Panda GREF, and Playful Dragon, is a prominent threat actor that has been active since at least 2010. According to the European Union Agency for Cybersecurity (ENISA), this group has consistently targeted energy, government, and military sectors. Ke3chang | Unspecified | 2 |
| The APT30 Threat Actor is associated with APT31. APT30, a threat actor suspected to be attributed to China, has been active since at least 2005. This group primarily targets members of the Association of Southeast Asian Nations (ASEAN). APT30 is notable for its sustained activity over an extended period and its ability to adapt and modify source c | Unspecified | 2 |
| Alias Description | Association Type | Votes |
|---|---|---|
| The Epme Vulnerability is associated with APT31. EpMe is a software vulnerability (CVE-2017-0005) that was first discovered within the Equation Group's exploit arsenal, with its existence traced back to at least 2013. The Equation Group, believed to be linked to the NSA, developed this exploit as part of their cyber toolset which also included Dan | Unspecified | 2 |
| Preview | Source Link | CreatedAt | Title |
|---|---|---|---|
| Securelist | 6 days ago | ||
| Securityaffairs | 19 days ago | ||
| InfoSecurity-magazine | 20 days ago | ||
| BankInfoSecurity | 21 days ago | ||
| Securelist | a month ago | ||
| Securelist | a month ago | ||
| BankInfoSecurity | a month ago | ||
| DARKReading | 3 months ago | ||
| Securelist | 3 months ago | ||
| Securityaffairs | 3 months ago | ||
| BankInfoSecurity | 6 months ago | ||
| BankInfoSecurity | 6 months ago | ||
| BankInfoSecurity | 8 months ago | ||
| Checkpoint | 8 months ago | ||
| BankInfoSecurity | 8 months ago | ||
| Securityaffairs | 8 months ago | ||
| BankInfoSecurity | 8 months ago | ||
| Securityaffairs | 8 months ago | ||
| Securityaffairs | 8 months ago | ||
| Flashpoint | 8 months ago |