Night Dragon

Threat Actor Profile Updated 2 months ago
Download STIX
Preview STIX
Night Dragon is a recognized threat actor, a term used in cybersecurity to denote an individual or group that carries out malicious activities. These entities can range from single individuals to large organizations or even government bodies. Night Dragon has been associated with several significant cyber threats and attacks. One notable instance was in 2011, when cybersecurity firm McAfee reported a series of attacks on energy companies, attributing them to Night Dragon. This group's activities have been marked by their sophistication and potential for causing substantial disruption. During the investigation into another threat actor known as Space Pirates, there were numerous overlaps found with Night Dragon's activities. This investigation revealed connections between Night Dragon and several other prominent threat actors, including Winnti (APT41), Bronze Union (APT27), TA428, RedFoxtrot, and Mustang Panda. The intersections suggest either collaboration or shared tactics among these groups, indicating a complex and interconnected landscape of cybersecurity threats. However, it should be noted that some previous associations made between Night Dragon and certain Advanced Persistent Threat (APT) groups have been reevaluated and corrected. While the exact details of this correction aren't specified, it implies that the understanding of Night Dragon's activities and affiliations is dynamic and subject to change as new information comes to light. This underscores the importance of continuous monitoring and analysis in the field of cybersecurity.
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Ta428
1
TA428 is a sophisticated malware toolkit associated with several cyber threat groups, including Bronze Union (also known as LuckyMouse or APT27) and BackdoorDiplomacy. The TA428 toolkit includes various malicious software like Albaniiutas (RemShell), which is specifically mentioned in an ESET report
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Apt
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
BRONZE UNIONUnspecified
1
Bronze Union, also known as APT27, Emissary Panda, Lucky Mouse, Iron Tiger, and Red Phoenix, is a threat actor with alleged connections to the Chinese government. The group has been observed targeting organizations across Europe, North and South America, Africa, the Middle East, and the Asia-Pacific
Mustang PandaUnspecified
1
Mustang Panda, also known as Bronze President, Nomad Panda, Naikon, Earth Preta, and Stately Taurus, is a Chinese-aligned threat actor that has been associated with widespread attacks against various countries in the Asia-Pacific region. The group's malicious activities were first traced back to Mar
WinntiUnspecified
1
Winnti, a threat actor or group also known as Starchy Taurus and APT41, has been active since at least 2007, first identified by Kaspersky in 2013. This Chinese state-sponsored entity is renowned for its ability to target supply chains of legitimate software to disseminate malware. The group is link
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
Winnti Apt41Unspecified
1
None
Bronze Union Apt27Unspecified
1
None
Source Document References
Information about the Night Dragon Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
MITRE
a year ago
Musical Chairs Playing Tetris | NETSCOUT
CERT-EU
a year ago
Space Pirates: analyzing the tools and connections of a new hacker group