|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:activeYearsStart
|
2006
|
|
gptkbp:allegedPurpose
|
economic espionage
military intelligence gathering
intellectual property theft
|
|
gptkbp:alsoKnownAs
|
gptkb:Comment_Crew
gptkb:Comment_Group
gptkb:Shanghai_Group
|
|
gptkbp:connectsTo
|
gptkb:People's_Liberation_Army_Unit_61398
gptkb:Chinese_government
gptkb:People's_Liberation_Army
|
|
gptkbp:countryOfOrigin
|
gptkb:China
|
|
gptkbp:exposedBy
|
gptkb:Mandiant
2013
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
APT1
|
|
gptkbp:industry
|
gptkb:energy
aerospace
defense
manufacturing
telecommunications
satellite and space technology
|
|
gptkbp:location
|
gptkb:Shanghai,_China
|
|
gptkbp:majorCity
|
gptkb:Canada
gptkb:United_Kingdom
gptkb:United_States
|
|
gptkbp:method
|
malware
remote access tools
spear phishing
watering hole attacks
|
|
gptkbp:notableFor
|
gptkb:APT1:_Exposing_One_of_China’s_Cyber_Espionage_Units
|
|
gptkbp:notableVictim
|
gptkb:government_agency
gptkb:Fortune_500_companies
critical infrastructure organizations
|
|
gptkbp:reportDate
|
February 2013
|
|
gptkbp:reportPublisher
|
gptkb:Mandiant
|
|
gptkbp:status
|
active
|
|
gptkbp:uses
|
custom malware
zero-day exploits
command and control infrastructure
|
|
gptkbp:usesMalware
|
gptkb:GLOOXMAIL
gptkb:MAPIGET
gptkb:MINISD
gptkb:SEASALT
gptkb:SOGU
gptkb:WATERMAIN
gptkb:WEBC2
BISCUIT
COOKIE
GETMAIL
NEWSREELS
|
|
gptkbp:bfsParent
|
gptkb:APT
|
|
gptkbp:bfsLayer
|
6
|