|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:activeYearsStart
|
at least 2012
|
|
gptkbp:alsoKnownAs
|
cathedral
|
|
gptkbp:area
|
gptkb:Japan
gptkb:Middle_East
gptkb:South_Korea
gptkb:United_States
|
|
gptkbp:associatedWith
|
Chinese intelligence services
|
|
gptkbp:connectsTo
|
gptkb:Chinese_military
gptkb:Chinese_Ministry_of_State_Security
|
|
gptkbp:countryOfOrigin
|
gptkb:China
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
APT53
|
|
gptkbp:industry
|
gptkb:energy
gptkb:government
defense
telecommunications
|
|
gptkbp:infrastructure
|
command and control servers
compromised websites
malicious email attachments
|
|
gptkbp:motive
|
gptkb:intelligence_gathering
espionage
|
|
gptkbp:notableBattle
|
attacks on US defense contractors
attacks on South Korean government entities
attacks on telecommunications companies
|
|
gptkbp:operatedBy
|
gptkb:Chinese_government
|
|
gptkbp:reportsTo
|
gptkb:CrowdStrike
gptkb:FireEye
gptkb:Mandiant
gptkb:Recorded_Future
|
|
gptkbp:technique
|
custom malware
spear phishing
watering hole attacks
|
|
gptkbp:usesMalware
|
gptkb:Pisloader
gptkb:BS2005
gptkb:Elise
gptkb:Evora
Dropnet
Ltrack
Reconshark
ZJw0rm
|
|
gptkbp:bfsParent
|
gptkb:Operation_Winnti
|
|
gptkbp:bfsLayer
|
7
|