POTASSIUM

Threat Actor updated 23 days ago (2024-11-29T13:53:09.550Z)
Download STIX
Preview STIX
Potassium, also known as APT10, CVNX, Stone Panda, MenuPass, and POTASSIUM, is a threat actor that has been linked to multiple cyberattacks. This entity is believed to be operating out of China, with Zhu Hua and Zhang Shilong identified as key players within the group. They are reportedly associated with Huaying Haitai in Tianjin, China, and have connections with the Chinese Ministry of State Security’s Tianjin State Security Bureau. The group's activities show tactical similarities with other Chinese nation-state groups such as APT27 (Bronze Union, Emissary Panda, Lucky Mouse) and APT41 (Barium, Bronze Atlas, Wicked Panda). The potassium threat actor has been involved in significant incidents, including a notable attack in Russia where residents were instructed via a hacked broadcast to take potassium iodide pills and seek shelter immediately. This incident underscores the group's ability to disrupt public communications and spread fear. It's important to note that Russia and its ally Belarus supply 12 percent of America’s potassium requirements and over 15 percent of total U.S. fertilizer imports, highlighting potential vulnerabilities in critical supply chains. Potassium is not only a cybersecurity concern but also an essential element for crop growth, being one of the three primary nutrients required alongside nitrogen and phosphorus. Potassium fertilizer is derived from nonrenewable potash, making it a finite resource. Given the role of this group and the essential nature of potassium, there are potential implications for food security should these threat actors target related industries or infrastructure. In light of these threats, organizations and nations must strengthen their cybersecurity measures and consider the potential impact on crucial sectors like agriculture.
Description last updated: 2024-05-04T22:10:01.738Z
What's your take? (Question 1 of 0)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
APT10 is a possible alias for POTASSIUM. APT10, also known as Menupass, is a sophisticated threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS). This group has been associated with numerous cyber espionage campaigns targeting various sectors globally. Recent analysis suggests a link between APT10 and o
3
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.