BRONZE MOHAWK

Threat Actor updated 3 months ago (2024-08-01T14:56:31.010Z)
Download STIX
Preview STIX
Bronze Mohawk is a notable threat actor in the cybersecurity landscape, often associated with state-sponsored cyber activities. It is believed to be part of a larger network of Advanced Persistent Threat (APT) groups, including APT40, also known as Kryptonite Panda, GINGHAM TYPHOON, Leviathan, and others. These groups are known for their persistent and sophisticated cyber attacks, with techniques that significantly overlap, suggesting shared resources or a common origin. The naming conventions for these groups vary across the industry, reflecting the complex and evolving nature of cybersecurity threats. In a recent incident, Google's Threat Analysis Group (TAG) linked a fourth WinRAR attack to the China-backed group IslandDreams, which is also tracked as Bronze Mohawk among other names. This attack was part of a phishing campaign launched in late August, targeting users in Papua New Guinea. Such tactics mirror those used by other China-affiliated threat actors, further reinforcing the connection between these groups and indicating a broader strategic approach to cyber warfare. The Australian Cyber Security Centre (ACSC) has issued an advisory based on ongoing investigations into these incidents, identifying the People's Republic of China (PRC) as the likely sponsor of the APT40 group, and by extension, Bronze Mohawk. The advisory highlights similarities in the group's activity with other China-backed threat groups like Kryptonite Panda, Gingham Typhoon, and Leviathan. This information underscores the global challenge posed by state-sponsored cyber threats and the need for continued vigilance and robust cybersecurity defenses.
Description last updated: 2024-08-01T13:29:36.953Z
What's your take? (Question 1 of 0)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Kryptonite Panda is a possible alias for BRONZE MOHAWK. Kryptonite Panda, also known as APT40, Bronze Mohawk, Periscope, Mudcarp, and GINGHAM TYPHOON among others, is a threat actor believed to be based in Haikou, Hainan Province, People's Republic of China. This threat group has been associated with an array of cyber-espionage operations targeting gover
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the BRONZE MOHAWK Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more