Alias Description | Votes |
---|---|
BlackMould is a possible alias for China Chopper. BlackMould is a type of malware, specifically a native web shell, that has been observed in use by GALLIUM, a China-aligned intrusion group. This malicious software is designed to exploit and damage computer systems, often infiltrating them through suspicious downloads, emails, or websites without t | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The PingPull Malware is associated with China Chopper. PingPull is a malicious software (malware) developed by the Chinese nation-state group known as Alloy Taurus, also referred to as Gallium. The malware is designed to exploit and damage computer systems, with capabilities such as stealing personal information, disrupting operations, or holding data h | Unspecified | 3 |
The ASPXSpy Malware is associated with China Chopper. ASPXSpy is a type of malware, specifically a web shell, that has been used by various threat actors to exploit and damage computer systems. The earliest deployment attempts date back to 2022 when this malicious software was deployed to multiple hosted websites. It's typically installed on vulnerable | Unspecified | 3 |
The PlugX Malware is associated with China Chopper. PlugX is a Remote Access Trojan (RAT) malware known for its stealthy operations and destructive capabilities. It is often used by threat actors to exploit and damage computer systems, steal personal information, disrupt operations, or hold data hostage for ransom. Its deployment has been linked to s | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The HAFNIUM Threat Actor is associated with China Chopper. Hafnium, a China-aligned Advanced Persistent Threat (APT) group, has been identified as a significant cybersecurity threat. The group is known for exploiting vulnerabilities in software such as Microsoft Exchange Server and Zoho products. In 2021, Hafnium was actively exploiting a bug in the Microso | Unspecified | 2 |
The Flax Typhoon Threat Actor is associated with China Chopper. Flax Typhoon, also known as RedJuliett and Ethereal Panda, is a threat actor linked to China that has been actively targeting entities in Taiwan and around the South China Sea. The group's activities have primarily focused on organizations associated with IT, military, and government interests. Over | Unspecified | 2 |
The GALLIUM Threat Actor is associated with China Chopper. Gallium, also known as Alloy Taurus, is a China-aligned threat actor known for executing actions with malicious intent in the cyber domain. In recent years, Gallium has been associated with various significant cyber-espionage campaigns. The group targeted telecommunication entities in the Middle Eas | Unspecified | 2 |
The Regeorg Threat Actor is associated with China Chopper. Regeorg is a threat actor known for its malicious activities in the cyber landscape. Notably, operators of LuckyMouse initiated an attack by dropping the Nbtscan tool in C:\programdata\, followed by installing a variant of the ReGeorg webshell and issuing a GET request using curl. They then tried to | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
DARKReading | a month ago | ||
Securelist | a month ago | ||
BankInfoSecurity | 5 months ago | ||
DARKReading | 5 months ago | ||
Checkpoint | 6 months ago | ||
DARKReading | 6 months ago | ||
CERT-EU | 9 months ago | ||
CERT-EU | 9 months ago | ||
MITRE | 10 months ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
Securityaffairs | a year ago | ||
Unit42 | a year ago | ||
Unit42 | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
BankInfoSecurity | a year ago |