APT3

GPTKB entity

Statements (83)
| Predicate | Object |
| --- | --- |
| gptkbp:instanceOf | cyber threat group |
| gptkbp:alsoKnownAs | gptkb:Gothic_Panda |
| | gptkb:UPS_Team |
| | Buckeye |
| gptkbp:area | gptkb:Hong_Kong |
| | gptkb:United_States |
| | multiple countries |
| gptkbp:attributedTo | gptkb:Ministry_of_State_Security_(China) |
| gptkbp:connectsTo | gptkb:Chinese_Ministry_of_State_Security_contractors |
| gptkbp:countryOfOrigin | gptkb:China |
| gptkbp:exploits | gptkb:CVE-2022-22954 |
| | gptkb:CVE-2017-0199 |
| | gptkb:CVE-2017-0261 |
| | gptkb:CVE-2017-0263 |
| | gptkb:CVE-2021-34527 |
| | gptkb:CVE-2014-6332 |
| | gptkb:CVE-2015-5119 |
| | gptkb:CVE-2017-11882 |
| | gptkb:CVE-2017-8464 |
| | gptkb:CVE-2017-8759 |
| | gptkb:CVE-2018-8174 |
| | gptkb:CVE-2019-0708 |
| | gptkb:CVE-2019-0808 |
| | gptkb:CVE-2019-19781 |
| | gptkb:CVE-2019-2725 |
| | gptkb:CVE-2019-3396 |
| | gptkb:CVE-2020-0688 |
| | gptkb:CVE-2020-10189 |
| | gptkb:CVE-2020-1350 |
| | gptkb:CVE-2021-21985 |
| | gptkb:CVE-2021-26855 |
| | gptkb:CVE-2022-30190 |
| | gptkb:CVE-2023-23397 |
| | gptkb:CVE-2023-28252 |
| | gptkb:CVE-2023-36884 |
| | gptkb:CVE-2023-38831 |
| | gptkb:CVE-2023-42793 |
| | gptkb:CVE-2023-4863 |
| | gptkb:CVE-2023-5217 |
| | gptkb:CVE-2024-21412 |
| | gptkb:CVE-2024-3094 |
| | gptkb:CVE-2024-3400 |
| | gptkb:CVE-2024-4577 |
| | gptkb:CVE-2024-6387 |
| | gptkb:CVE-2021-44228 |
| | gptkb:CVE-2019-11510 |
| | gptkb:CVE-2023-34362 |
| gptkbp:firstReported | 2010 |
| https://www.w3.org/2000/01/rdf-schema#label | APT3 |
| gptkbp:industry | gptkb:energy |
| | gptkb:government |
| | gptkb:technology |
| | defense |
| | telecommunications |
| gptkbp:mitreGroupId | G0022 |
| gptkbp:mitreReference | https://attack.mitre.org/groups/G0022/ |
| gptkbp:notableBattle | gptkb:Operation_Clandestine_Fox |
| | gptkb:Operation_Double_Tap |
| | gptkb:Operation_Clandestine_Wolf |
| gptkbp:notableFeature | highly sophisticated |
| | persistent targeting |
| | uses zero-day vulnerabilities |
| gptkbp:notableTool | gptkb:Cobalt_Strike |
| | gptkb:Metasploit |
| | gptkb:Mimikatz |
| | PowerShell scripts |
| | custom backdoors |
| gptkbp:suspect | gptkb:Chinese_government |
| gptkbp:tactics | custom malware |
| | spear phishing |
| | supply chain attacks |
| | watering hole attacks |
| | zero-day exploits |
| | credential theft |
| gptkbp:usesMalware | gptkb:PlugX |
| | gptkb:CUPP |
| | gptkb:CookieCutter |
| | gptkb:Pirpi |
| | gptkb:Remote_Access_Tools |
| | SHOTPUT |
| gptkbp:bfsParent | gptkb:Olympic_Destroyer |
| | gptkb:Operation_Olympic_Destroyer |
| gptkbp:bfsLayer | 6 |