Chinese-speaking threat actors
GPTKB entity
Statements (172)
Predicate | Object |
---|---|
gptkbp:instanceOf | threat actor group |
gptkbp:associatedWith | gptkb:People's_Republic_of_China |
https://www.w3.org/2000/01/rdf-schema#label | Chinese-speaking threat actors |
gptkbp:knownFor | cybercrime, phishing campaigns, supply chain attacks, watering hole attacks, malware development, intellectual property theft, APT (Advanced Persistent Threat) operations, zero-day exploitation |
gptkbp:mainLanguage | gptkb:Chinese |
gptkbp:motive | political influence, financial gain, intellectual property theft, military advantage, state-sponsored espionage |
gptkbp:notableGroup | gptkb:APT3, gptkb:APT34, gptkb:Red_Apollo, gptkb:APT15, gptkb:APT16, gptkb:APT39, gptkb:APT40, gptkb:APT41, gptkb:APT42, gptkb:APT43, gptkb:APT44, gptkb:APT45, gptkb:APT47, gptkb:APT48, gptkb:APT49, gptkb:APT50, gptkb:APT51, gptkb:APT52, gptkb:APT53, gptkb:APT54, gptkb:APT55, gptkb:APT56, gptkb:APT57, gptkb:APT58, gptkb:APT59, gptkb:Gothic_Panda, gptkb:Mustang_Panda, gptkb:Winnti, gptkb:APT28, gptkb:APT33, gptkb:APT46, gptkb:APT60, gptkb:Tick, gptkb:APT38, gptkb:APT1, gptkb:APT29, gptkb:APT10, gptkb:APT12, gptkb:APT17, gptkb:APT18, gptkb:APT19, gptkb:APT20, gptkb:APT21, gptkb:APT22, gptkb:APT23, gptkb:APT24, gptkb:APT25, gptkb:APT26, gptkb:APT27, gptkb:APT30, gptkb:APT31, gptkb:APT32, gptkb:APT35, gptkb:APT36, gptkb:APT37, gptkb:Bronze_Butler, gptkb:Naikon, gptkb:Lotus_Blossom, gptkb:Emissary_Panda, gptkb:Deep_Panda, Iron Tiger, APT100, APT61, APT62, APT63, APT64, APT65, APT66, APT67, APT68, APT69, APT70, APT71, APT72, APT73, APT74, APT75, APT76, APT77, APT78, APT79, APT80, APT81, APT82, APT83, APT84, APT85, APT86, APT87, APT88, APT89, APT90, APT91, APT92, APT93, APT94, APT95, APT96, APT97, APT98, APT99, BlackTech, Ke3chang, MenuPass |
gptkbp:region | gptkb:China, gptkb:Hong_Kong, gptkb:Malaysia, gptkb:Singapore, gptkb:Taiwan, gptkb:East_Asia, Global |
gptkbp:tactics | command and control, data exfiltration, living off the land, spear phishing, credential theft, lateral movement, persistence mechanisms, fileless malware, obfuscation, privilege escalation, watering hole, supply chain compromise, backdoor installation, DLL side-loading, anti-forensics, web shell deployment, use of legitimate tools, zero-day exploitation |
gptkbp:target | gptkb:government, healthcare organizations, financial institutions, technology companies, government organizations, telecommunications companies, critical infrastructure, defense contractors |
gptkbp:uses | gptkb:China_Chopper, gptkb:PlugX, gptkb:DoublePulsar, gptkb:Quasar_RAT, gptkb:ShadowPad, gptkb:Sogu, gptkb:XMRig, gptkb:ZxShell, gptkb:Cobalt_Strike, gptkb:Mimikatz, gptkb:Poison_Ivy, custom malware, Gh0st RAT, Htran, RATs (Remote Access Trojans) |
gptkbp:bfsParent | gptkb:NetTraveler, gptkb:Operation_Tropic_Trooper |
gptkbp:bfsLayer | 7 |