APT31

GPTKB entity

Statements (51)
| Predicate | Object |
| --- | --- |
| gptkbp:instanceOf | cybercrime |
| gptkbp:activity | cybercrime |
| | phishing |
| | malware deployment |
| | credential theft |
| gptkbp:alsoKnownAs | gptkb:Zirconium |
| | gptkb:Judgement_Panda |
| gptkbp:area | gptkb:Asia |
| | gptkb:Europe |
| | gptkb:United_States |
| gptkbp:associatedWith | Chinese cyber operations |
| gptkbp:connectsTo | gptkb:Chinese_Ministry_of_State_Security |
| gptkbp:countryOfOrigin | gptkb:China |
| gptkbp:exploits | zero-day vulnerabilities |
| | known vulnerabilities |
| gptkbp:firstReported | 2016 |
| https://www.w3.org/2000/01/rdf-schema#label | APT31 |
| gptkbp:industry | gptkb:media |
| | gptkb:technology |
| | gptkb:NGOs |
| | defense |
| | telecommunications |
| gptkbp:language | gptkb:Chinese |
| gptkbp:MITRE_ATT&CK_ID | G0096 |
| gptkbp:notableEvent | attacks on European government agencies |
| | attacks on Hong Kong activists |
| | targeting US presidential campaigns |
| gptkbp:primaryMotivation | gptkb:intelligence_gathering |
| | political espionage |
| gptkbp:reportsTo | gptkb:Microsoft |
| | gptkb:FireEye |
| | gptkb:Mandiant |
| | gptkb:Google_Threat_Analysis_Group |
| gptkbp:suspect | gptkb:Chinese_government |
| gptkbp:tactics | spear phishing |
| | watering hole attacks |
| | supply chain compromise |
| gptkbp:target | private sector companies |
| | government organizations |
| | critical infrastructure |
| | political activists |
| | dissidents |
| gptkbp:uses | gptkb:Cobalt_Strike |
| | custom malware |
| | open-source tools |
| gptkbp:usesMalware | gptkb:PlugX |
| | gptkb:Royal_Road |
| | gptkb:Zirconium_malware_family |
| gptkbp:bfsParent | gptkb:Operation_Winnti |
| | gptkb:Hacker |
| gptkbp:bfsLayer | 7 |