Bronze Riverside

Threat Actor updated 7 months ago (2024-05-04T20:37:11.589Z)

Download STIX

Preview STIX

BRONZE RIVERSIDE, also known as APT10 and Earth Tengshe, is a threat actor associated with the Chinese Ministry of State Security (MSS). This group has been primarily involved in cyber espionage activities, focusing on the theft of intellectual property from Japanese organizations. The group's activities have included targeting overseas subsidiaries and suppliers of Japanese manufacturing, engineering, electronics, automotive, energy, and technology companies, with alleged intentions to gain access to the parent companies in Japan. These activities were particularly noted in late 2021. The Counter Threat Unit (CTU) researchers have observed the use of HUI Loader in the A41APT campaign linked to BRONZE RIVERSIDE, as well as in post-intrusion ransomware activity connected to BRONZE STARLIGHT. However, as of this publication, the researchers have not found any links between HUI Loader and publicly available code. This suggests that the tool may be unique to these threat actors or at least not widely used outside of their operations. Despite the evidence pointing towards BRONZE RIVERSIDE's involvement in these malicious activities, CTU researchers have been unable to conclusively corroborate the attribution based on the information available in the report. However, the tactics, techniques, and procedures (TTPs) employed by this threat actor align closely with those typically seen in Chinese threat group activity. This alignment further supports the theory that BRONZE RIVERSIDE is indeed a part of the Chinese MSS.

Description last updated: 2023-10-11T00:41:34.754Z

What's your take? (Question 1 of 0)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
APT10 is a possible alias for Bronze Riverside. APT10, also known as menuPass, is a sophisticated threat actor believed to be operating on behalf of the Chinese Ministry of State Security (MSS). It has been active since at least 2006 and has been linked to numerous cyber espionage campaigns. The group utilizes advanced techniques and tools that a	2

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the Bronze Riverside Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Preview	Source Link	CreatedAt	Title
	CERT-EU	a year ago	Japan in the Crosshairs of Many State-Sponsored Threat Actors New Report Finds
	Secureworks	2 years ago	BRONZE STARLIGHT Ransomware Operations Use HUI Loader