ID | Votes | Profile Description |
---|---|---|
Tropic Trooper | 2 | Tropic Trooper, a threat actor with suspected ties to China, has been identified as a significant cybersecurity concern. Their activities date back to at least 2013, when Trend Micro noted similarities in the encoding algorithms used by Tropic Trooper's malware and the KeyBoy versions from that year |
Tonto Team | 1 | Tonto Team is a Chinese government-aligned Advanced Persistent Threat (APT) group, recognized for its malicious cyber activities. The team has been active for over a decade, utilizing various types of malware, notably the Bisonal and ShadowPad backdoors, in campaigns against entities in Japan, Russi |
Tick | 1 | Tick is a threat actor, also known as BRONZE BUTLER, that likely originates from the People's Republic of China. Secureworks® incident responders and Counter Threat Unit™ (CTU) researchers have been investigating activities associated with this group. Tick has deployed various tools and malware fami |
Apt23 | 1 | APT23, also known as PIRATE PANDA, KeyBoy and Tropic Trooper, is a threat actor suspected to be attributed to China. This group has been observed targeting the media and government sectors in the U.S. and the Philippines, with their operations primarily focusing on the theft of politically and milit |
Pirate Panda | 1 | Pirate Panda, also known as Tropic Trooper or KeyBoy, is a threat actor primarily involved in targeting Tibetan entities. As a threat actor, Pirate Panda represents a human entity, potentially a single individual, a private company, or a government organization, that executes actions with malicious |
Ta413 | 1 | TA413, also known as LuckyCat, is a threat actor suspected of conducting cyber espionage on behalf of the Chinese state. In the first half of 2022, TA413 targeted Tibetan individuals, organizations, and the exiled Tibetan government. The group exploited a now-patched zero-day vulnerability in the So |

ID | Type | Votes | Profile Description |
---|---|---|---|
ShadowPad | Unspecified | 1 | ShadowPad is a modular backdoor malware that has been utilized by several Chinese threat groups since at least 2017. Notably, it was used as the payload in supply chain attacks targeting South Asian governments, as reported in the VB2023 paper. ShadowPad provides near-administrative capabilities in |

Source | CreatedAt | Title |
---|---|---|
MITRE | 7 months ago | The KeyBoys are back in town |
MITRE | a year ago | Covid-19 Cybersecurity Challenges & Recommendations | CrowdStrike |
MITRE | a year ago | Tropic Trooper’s New Strategy |
MITRE | a year ago | Exchange servers under siege from at least 10 APT groups | WeLiveSecurity |
MITRE | a year ago | It’s Parliamentary: KeyBoy and the targeting of the Tibetan Community - The Citizen Lab |
Recorded Future | a year ago | Chinese State-Sponsored Group TA413 Adopts New Capabilities in Pursuit of Tibetan Targets | Recorded Future |