jian

Threat Actor updated 3 months ago (2024-05-30T23:17:29.719Z)
Jian, a cyber espionage tool used by the China-linked APT31 group (also known as Zirconium, Judgment Panda, and Red Keres), has been implicated in multiple cyber espionage operations. The tool was first brought to public attention in 2022 when it was discovered by the Check Point Research team. Notably, Jian is a clone of the NSA Equation Group's "EpMe" hacking tool and was utilized years before its online leak by the Shadow Brokers hackers.

In a recent development, 42-year-old Jian Wen, holding both United Kingdom and Chinese citizenship, was sentenced by the Southwark Crown Court in London to six years and eight months in prison. She was found guilty of laundering $10.4 million worth of cryptocurrency linked to a billion-dollar investment fraud, as reported by Bloomberg. This case marks a significant instance of legal action taken against individuals associated with cybercrime.

The use of Jian and related cyber espionage activities have sparked international controversy. Lin Jian, a Chinese Foreign Ministry spokesperson, rejected UK accusations regarding these activities as "false information," challenging the UK government to provide "objective evidence." Meanwhile, various cybersecurity experts, including Dr Chia-Mu Yu of the National Institute of Cybersecurity and Mr Jian-Lung Lin, Director of High-Tech Crime Center of the Taiwan Ministry of Interior Affairs, have spoken on the need for effective mitigation measures and safeguarding critical information infrastructure.
Description last updated: 2024-05-30T23:15:54.104Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
| ID | Votes | Profile Description |
|---|---|---|
| APT31 | 2 | APT31, also known as Zirconium, is a threat actor group linked to the Chinese government that has been implicated in numerous cyber espionage activities. One of their most notable exploits was the cloning of the Equation Group's exploit, EpMe (CVE-2017-0005). This exploit was initially discovered du |
| ZIRCONIUM | 2 | Zirconium, also known as APT31, Judgment Panda, and Red Keres, is a threat actor linked to numerous cyber espionage operations. The group came into the spotlight in 2022 when the Check Point Research team discovered that it had used a tool called "Jian," a clone of the NSA Equation Group's hacking t |
| Epme | 2 | EpMe is a software vulnerability (CVE-2017-0005) that was first discovered within the Equation Group's exploit arsenal, with its existence traced back to at least 2013. The Equation Group, believed to be linked to the NSA, developed this exploit as part of their cyber toolset which also included Dan |
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Threat Actors
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Equation Group | Unspecified | 2 | The Equation Group, a threat actor suspected of having ties to the United States, has been associated with various sophisticated cyber exploits. The group's EpMe exploit, which existed since at least 2013, was the original exploit for the vulnerability later labeled CVE-2017-0005. Another exploit, E |
Source Document References
Information about the jian Threat Actor was read from the documents corpus below. This display is limited to 20 results.
| Source Link | Created At | Title |
|---|---|---|
| BankInfoSecurity | 3 months ago | Cryptohack Roundup: FTX Paid Off Whistleblowers |
| Securityaffairs | 5 months ago | US Treasury Dep announced sanctions against members of China-linked APT31 |
| InfoSecurity-magazine | 5 months ago | UK Blames China for 2021 Hack Targeting Millions of Voters' Data |
| CERT-EU | 6 months ago | China protests Taiwan minister's role at Seoul summit backed by US |
| CERT-EU | 9 months ago | Envoys of India, US, and Taiwan chair cybersecurity workshop ahead of polls in 3 countries in 2024 \| National Cyber Security Consulting |
| CERT-EU | 10 months ago | Search \| arXiv e-print repository |
| CERT-EU | 10 months ago | Search \| arXiv e-print repository |
| CERT-EU | 10 months ago | Search \| arXiv e-print repository |
| CERT-EU | a year ago | Search \| arXiv e-print repository |
| CERT-EU | a year ago | Nexusflow Launches to Help Automate the SOC |
| CERT-EU | a year ago | UC Berkeley profs raise $10.6M seed, launch GenAI startup for security |
| CERT-EU | a year ago | Nexusflow raises $10.6M to build a conversational interface for security tools \| TechCrunch |
| CERT-EU | a year ago | Search \| arXiv e-print repository |
| CERT-EU | a year ago | Search \| arXiv e-print repository |
| CERT-EU | a year ago | Search \| arXiv e-print repository |
| CERT-EU | a year ago | Search \| arXiv e-print repository |
| CERT-EU | a year ago | New Google Chrome Zero-Day Bug Actively Exploited in Wide – Emergency Update! |
| Securityaffairs | a year ago | Google fixed second actively exploited Chrome zero-day of 2023 |
| CERT-EU | a year ago | Google Patches Second Chrome Zero-Day Vulnerability of 2023 |
| CERT-EU | a year ago | Search \| arXiv e-print repository |