Alias Description | Votes |
---|---|
Alloy Taurus is a possible alias for GALLIUM. Alloy Taurus, a threat actor group, has been identified as a significant cybersecurity concern due to its persistent attempts at cyberespionage, primarily targeting the government sector in Southeast Asia. The activity of this group was first observed in early 2022 and continued throughout 2023, dur | 3 |
Granite Typhoon is a possible alias for GALLIUM. Granite Typhoon is a malware attributed to China-based cyber actors, specifically the groups Raspberry Typhoon, Flax Typhoon, and Granite Typhoon. These entities have been known to target IT, military, and government interests around the South China Sea. The malicious software can infiltrate systems | 2 |
Softcell is a possible alias for GALLIUM. Softcell is a recognized threat actor, also known as GALLIUM, that has gained notoriety for its targeted cyber attacks on telecommunications companies operating in Southeast Asia, Europe, and Africa. This group's activities have been meticulously tracked and documented by cybersecurity professionals | 2 |
Sword2033 is a possible alias for GALLIUM. Sword2033 is a new and previously undocumented backdoor tool used by the China-linked threat actor known as Alloy Taurus. This group, also referred to as GALLIUM or Softcell, has been actively targeting Linux systems with a variant of the PingPull backdoor, while also deploying Sword2033 in their op | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The PingPull Malware is associated with GALLIUM. PingPull is a malicious software (malware) developed by the Chinese nation-state group known as Alloy Taurus, also referred to as Gallium. The malware is designed to exploit and damage computer systems, with capabilities such as stealing personal information, disrupting operations, or holding data h | Unspecified | 4 |
The BlackMould Malware is associated with GALLIUM. BlackMould is a type of malware, specifically a native web shell, that has been observed in use by GALLIUM, a China-aligned intrusion group. This malicious software is designed to exploit and damage computer systems, often infiltrating them through suspicious downloads, emails, or websites without t | Unspecified | 2 |
The China Chopper Malware is associated with GALLIUM. China Chopper is a well-known malware that has been used extensively by Chinese-speaking actors, including the BRONZE UNION group. The malware is designed to exploit and damage computer systems, often without the knowledge of the user. It can infiltrate systems through suspicious downloads, emails, | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Flax Typhoon Threat Actor is associated with GALLIUM. Flax Typhoon is a threat actor reportedly linked to China that has been actively targeting Taiwan, as well as other regions globally. This group, also known by aliases such as RedJuliett and Ethereal Panda, has been implicated in cyberespionage activities against critical infrastructure entities, go | Unspecified | 3 |
The APT41 Threat Actor is associated with GALLIUM. APT41, also known as Winnti, is a threat actor suspected to be originating from China, with its activities dating back to as early as 2012. It has targeted organizations in at least 14 countries and has been associated with the use of at least 46 different code families and tools. The group's activi | Unspecified | 3 |
The Ke3chang Threat Actor is associated with GALLIUM. Ke3chang, also known as APT15, Mirage, Vixen Panda GREF, and Playful Dragon, is a prominent threat actor that has been active since at least 2010. According to the European Union Agency for Cybersecurity (ENISA), this group has consistently targeted energy, government, and military sectors. Ke3chang | Unspecified | 2 |
The APT27 Threat Actor is associated with GALLIUM. APT27, also known as Emissary Panda or Iron Taurus, is a threat actor suspected to be associated with China and has been involved in cyber operations primarily aimed at intellectual property theft. The group targets organizations globally, including those in North and South America, Europe, and the | Unspecified | 2 |
The APT30 Threat Actor is associated with GALLIUM. APT30, a threat actor suspected to be attributed to China, has been active since at least 2005. This group primarily targets members of the Association of Southeast Asian Nations (ASEAN). APT30 is notable for its sustained activity over an extended period and its ability to adapt and modify source c | Unspecified | 2 |
The APT31 Threat Actor is associated with GALLIUM. APT31, also known as Zirconium, is a threat actor believed to be linked to the Chinese government. This group has been associated with numerous cyber attacks, including a significant exploit of CVE-2017-0005. This exploit, dubbed "Jian," was initially attributed to APT31 but upon further analysis by | Unspecified | 2 |
The Mustang Panda Threat Actor is associated with GALLIUM. Mustang Panda, a China-aligned Advanced Persistent Threat (APT) group, has been identified as a significant cyber threat actor involved in a series of malicious activities. Notably, Mustang Panda was found to be associated with the BRONZE PRESIDENT phishing lure, which delivered PlugX and used modif | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
ESET | a month ago | ||
DARKReading | a month ago | ||
BankInfoSecurity | a month ago | ||
CERT-EU | a year ago | ||
Trend Micro | 9 months ago | ||
DARKReading | 10 months ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
Unit42 | a year ago | ||
Unit42 | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago |