Cloud Hopper

Threat Actor Profile Updated 24 days ago
Download STIX
Preview STIX
Cloud Hopper is a threat actor, also known as APT10, that has been involved in significant cyber espionage activities. This group executed a campaign named Operation Cloud Hopper, where they targeted managed IT service providers with the intention of gaining unauthorized access to their clients' networks. The campaign was characterized by sophisticated tactics and techniques, including the use of Nbtscan, a tool utilized to search for services across the IT estate and footprint endpoints of interest. The operation was first detailed in a report by PWC (PricewaterhouseCoopers), which shed light on the extent and severity of the attacks orchestrated by Cloud Hopper. The group's activities primarily revolved around leveraging the trust relationships between IT service providers and their clients. By infiltrating these providers, Cloud Hopper was able to hop from one client network to another, hence the name of the operation. APT10's Operation Cloud Hopper represents a serious threat to corporate security, especially for companies relying on managed IT service providers. The campaign highlights the need for robust cybersecurity measures, not just at the individual company level but also within third-party service providers. As such, organizations are advised to conduct thorough risk assessments of their supply chains and implement stringent controls to mitigate the risk of similar threats in the future.
What's your take? (Question 1 of 0)
cb9d182b-d521-4e32-b149-cc1b09d19916 Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
APT10
2
APT10, also known as the Menupass Team, is a threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS). The group has been active since 2009 and is suspected to be based in Tianjin, China, according to research by IntrusionTruth in 2018. APT10 has primarily targeted
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Cloud Hopper Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
MITRE
a year ago
Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers
Count Upon Security
a year ago
Malware Analysis – PlugX
CERT-EU
a year ago
Intellectual Property Security: Defending Valuable Business Assets - Security Boulevard