Axiom

Threat Actor updated 23 days ago (2024-11-29T13:30:41.138Z)
Download STIX
Preview STIX
Axiom is a recognized threat actor, also known as a hacking team, that has been associated with malicious activities. The group has ties to the Chinese intelligence apparatus and has operated under various names such as Winnti, PassCV, APT17, LEAD, BARIUM, Wicked Panda, and GREF. The naming conventions for these groups were established by cybersecurity companies like Kaspersky Lab and Symantec in their 2013/2014 reports. Axiom, along with other groups, utilizes external resources as per the diamond model of intrusion analysis, which states that any intrusion event requires one or more external resources to succeed. The APT41 group, another alias for Axiom, has been active since at least 2007 and is linked to significant cyberespionage activities originating from China. This group has demonstrated its capabilities by exploiting various infrastructure and targets to achieve its goals. Their activities align with the primary axiom of the intrusion analysis model, which emphasizes that every intrusion event involves an adversary using specific capabilities over infrastructure against a victim to produce a result. In recent developments, the term "Axiom" has also been associated with non-malicious entities. For instance, Axiom Space, a company unrelated to the threat actor, announced plans to build and launch an orbital datacenter to support missions aboard its commercial space station. Notably, retired Gen. John W. “Jay” Raymond joined the board of directors for Axiom Space. Furthermore, Axiom Armored is listed as a key player in the cash management system market. It's crucial to differentiate between these entities and the threat actor Axiom to avoid confusion.
Description last updated: 2024-05-04T16:18:26.729Z
What's your take? (Question 1 of 2)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Winnti is a possible alias for Axiom. Winnti is a threat actor group known for its malicious activities, primarily originating from Chinese Advanced Persistent Threat (APT) operational infrastructure. The group, which has been active since at least 2007, was first spotted by Kaspersky in 2013. It is associated with several aliases such
3
APT41 is a possible alias for Axiom. APT41, also known as Winnti, is a threat actor suspected to be originating from China, with its activities dating back to as early as 2012. It has targeted organizations in at least 14 countries and has been associated with the use of at least 46 different code families and tools. The group's activi
2
Barium is a possible alias for Axiom. Barium, also known as BRONZE ATLAS or APT41, is a threat actor that has been associated with various malicious activities. Originating from China and active since at least 2007, this group has been implicated in cyberespionage efforts targeting multiple sectors across the globe. In 2017, according t
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the Axiom Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CERT-EU
9 months ago
CERT-EU
10 months ago
CERT-EU
10 months ago
Recorded Future
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
Securityaffairs
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
Securityaffairs
a year ago
CERT-EU
a year ago
CERT-EU
2 years ago
MITRE
2 years ago
MITRE
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago