Alias Description | Votes |
---|---|
Earth Lusca is a possible alias for I-Soon. Earth Lusca, a threat actor believed to be part of the China-backed Winnti collective, has been active since at least 2019 and is known for its cyber-espionage activities. The group primarily targets government organizations in Asia, Latin America, and other regions. Recently, it has expanded its ar | 4 |
Anxun is a possible alias for I-Soon. Anxun Information Technology Co., also known as iSoon, has been identified as a significant threat actor in the realm of cybersecurity. A data leak revealed on February 18, 2024, disclosed the company's strong ties to the Chinese government through various contracts. This leak, which originated from | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The ShadowPad Malware is associated with I-Soon. ShadowPad is a sophisticated malware, known for its use in supply chain attacks, particularly against government entities in South Asia. This modular backdoor, which has been active for approximately seven years, is popular among Chinese threat actors. It was notably used as the payload in an attack | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The APT41 Threat Actor is associated with I-Soon. APT41, also known as Winnti, is a threat actor suspected to be originating from China, with its activities dating back to as early as 2012. It has targeted organizations in at least 14 countries and has been associated with the use of at least 46 different code families and tools. The group's activi | Unspecified | 3 |
The Winnti Threat Actor is associated with I-Soon. Winnti is a threat actor group known for its malicious activities, primarily originating from Chinese Advanced Persistent Threat (APT) operational infrastructure. The group, which has been active since at least 2007, was first spotted by Kaspersky in 2013. It is associated with several aliases such | Unspecified | 3 |
Preview | Source Link | CreatedAt | Title |
---|