|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:activity
|
cybercrime
phishing
malware deployment
credential theft
|
|
gptkbp:alsoKnownAs
|
gptkb:Zirconium
gptkb:Judgement_Panda
|
|
gptkbp:area
|
gptkb:Asia
gptkb:Europe
gptkb:United_States
|
|
gptkbp:associatedWith
|
Chinese cyber operations
|
|
gptkbp:connectsTo
|
gptkb:Chinese_Ministry_of_State_Security
|
|
gptkbp:countryOfOrigin
|
gptkb:China
|
|
gptkbp:exploits
|
zero-day vulnerabilities
known vulnerabilities
|
|
gptkbp:firstReported
|
2016
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
APT31
|
|
gptkbp:industry
|
gptkb:media
gptkb:technology
gptkb:NGOs
defense
telecommunications
|
|
gptkbp:language
|
gptkb:Chinese
|
|
gptkbp:MITRE_ATT&CK_ID
|
G0096
|
|
gptkbp:notableEvent
|
attacks on European government agencies
attacks on Hong Kong activists
targeting US presidential campaigns
|
|
gptkbp:primaryMotivation
|
gptkb:intelligence_gathering
political espionage
|
|
gptkbp:reportsTo
|
gptkb:Microsoft
gptkb:FireEye
gptkb:Mandiant
gptkb:Google_Threat_Analysis_Group
|
|
gptkbp:suspect
|
gptkb:Chinese_government
|
|
gptkbp:tactics
|
spear phishing
watering hole attacks
supply chain compromise
|
|
gptkbp:target
|
private sector companies
government organizations
critical infrastructure
political activists
dissidents
|
|
gptkbp:uses
|
gptkb:Cobalt_Strike
custom malware
open-source tools
|
|
gptkbp:usesMalware
|
gptkb:PlugX
gptkb:Royal_Road
gptkb:Zirconium_malware_family
|
|
gptkbp:bfsParent
|
gptkb:Operation_Winnti
gptkb:Hacker
|
|
gptkbp:bfsLayer
|
7
|