Statements (33)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | gptkb:cybercrime |
| gptkbp:abilities | command and control, remote access, data exfiltration |
| gptkbp:attributedTo | gptkb:APT41, gptkb:Chinese_threat_actors |
| gptkbp:detects | gptkb:FireEye, gptkb:Kaspersky_Lab, gptkb:Symantec |
| gptkbp:firstObserved | 2017 |
| gptkbp:impact | espionage, data theft |
| gptkbp:method | supply chain compromise, malware injection |
| gptkbp:notableEvent | CCleaner compromise, NetSarang supply chain attack |
| gptkbp:target | gptkb:energy, supply chain, government organizations, critical infrastructure, telecommunications sector |
| gptkbp:uses | encrypted communication, DLL side-loading, modular plugins, fileless techniques, ShadowPad malware |
| gptkbp:usesMalware | modular backdoor |
| gptkbp:分布地区 | gptkb:Asia, gptkb:Europe, gptkb:North_America |
| gptkbp:bfsParent | gptkb:Winnti_Group |
| gptkbp:bfsLayer | 8 |
| https://www.w3.org/2000/01/rdf-schema#label | ShadowPad backdoor attacks |