Alias Description | Votes |
---|---|
PlugX is a possible alias for ShadowPad. PlugX is a malicious software (malware) known for its stealthy operations. It has been linked to several cyberattacks, and its use has been attributed to various threat groups, including Winnti and MustangPanda. The malware leverages DLL side-loading to remain undetected, making it a potent tool in | 9 |
Alias Description | Association Type | Votes |
---|---|---|
The malware Poisonplug is associated with ShadowPad. | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Winnti Threat Actor is associated with ShadowPad. Winnti, a notorious threat actor group, has been linked to several sophisticated cyber-espionage activities. First identified by Kaspersky in 2013, it is believed that the group has been active since at least 2007, primarily targeting software supply chains to spread malware. Winnti is part of the A | Unspecified | 7 |
The APT41 Threat Actor is associated with ShadowPad. APT41, also known as Winnti, Wicked Panda, and Brass Typhoon, is a significant threat actor attributed to China. This group has been active since at least 2012 and has targeted organizations in over 14 countries. It uses a wide range of malware, with at least 46 different code families and tools obs | Unspecified | 6 |
The Redfly Threat Actor is associated with ShadowPad. RedFly, a threat actor group known for its malicious activities, has emerged as a significant cybersecurity concern. The group's operations are characterized by their strategic execution and targeted focus, often resulting in substantial security breaches. Threat actors like RedFly pose a significan | Unspecified | 5 |
The Winnti Group Threat Actor is associated with ShadowPad. The Winnti Group, a threat actor associated with Chinese state-sponsored hacking activities, has been active since at least 2007, according to researchers from Kaspersky Lab who first identified the group in 2013. The group initially gained notoriety for its attacks on computer game developers a | Unspecified | 2 |
The Bronze University Threat Actor is associated with ShadowPad. Bronze University, also known as Aquatic Panda, ControlX, RedHotel, and Earth Lusca, is a threat actor group believed to be a Chinese state-sponsored hacking operation. The group has been active since 2021, targeting government, aerospace, education, telecommunications, media, and research organizat | Unspecified | 2 |
The Lancefly Threat Actor is associated with ShadowPad. Lancefly, a threat actor potentially associated with China, has been identified as the group behind an ongoing cyberespionage campaign targeting organizations in South and Southeast Asia. The targets include government bodies, aviation companies, educational institutions, and telecommunication secto | Unspecified | 2 |
The Earth Lusca Threat Actor is associated with ShadowPad. Earth Lusca, a threat actor identified as being Chinese-speaking, has been active since at least the first half of 2023. The group primarily targets organizations in Southeast Asia, Central Asia, and the Balkans. Recently, it has expanded its arsenal with SprySOCKS Linux malware, a new addition that | Unspecified | 2 |
The I-Soon Threat Actor is associated with ShadowPad. i-Soon, also known as Anxun, is a threat actor identified as a private industry contractor for the Chinese Ministry of Public Security (MPS). The company has recently been implicated in a massive data leak that surfaced on GitHub. As elaborated by Tom Uren and Catalin Cimpanu, i-Soon frequently init | Unspecified | 2 |
The Redhotel Threat Actor is associated with ShadowPad. RedHotel is a prolific threat actor group, known for its espionage activities targeting organizations of interest to the Chinese government. The group has been active since at least 2019 and operates alongside other threat groups such as RedAlpha and Poison Carp. Researchers at Recorded Future have | Unspecified | 2 |
Source | Created At |
---|---|
DARKReading | a month ago |
Unit42 | a month ago |
Securityaffairs | 2 months ago |
Securityaffairs | 2 months ago |
Checkpoint | 2 months ago |
Securityaffairs | 2 months ago |
DARKReading | 2 months ago |
BankInfoSecurity | 4 months ago |
BankInfoSecurity | 6 months ago |
DARKReading | 7 months ago |
Trend Micro | 7 months ago |
CERT-EU | 7 months ago |
CERT-EU | 7 months ago |
Trend Micro | 7 months ago |
CERT-EU | 8 months ago |
Unit42 | 8 months ago |
CERT-EU | 8 months ago |
Securelist | 10 months ago |
CERT-EU | a year ago |
CERT-EU | a year ago |