|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:activeYearsStart
|
2009
|
|
gptkbp:alsoKnownAs
|
gptkb:APT10
gptkb:MenuPass_Group
|
|
gptkbp:associatedWith
|
gptkb:Chinese_Ministry_of_State_Security
|
|
gptkbp:countryOfOrigin
|
gptkb:China
|
|
gptkbp:enemyOf
|
data exfiltration
spear phishing
credential theft
supply chain attack
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Stone Panda
|
|
gptkbp:indictedBy
|
gptkb:United_States_Department_of_Justice
|
|
gptkbp:indictmentYear
|
2018
|
|
gptkbp:notableFor
|
global cyber espionage campaigns
stealing intellectual property
targeting managed service providers worldwide
|
|
gptkbp:notableOperation
|
gptkb:Cloud_Hopper_campaign
|
|
gptkbp:region
|
gptkb:Australia
gptkb:Europe
gptkb:Japan
gptkb:United_States
global
|
|
gptkbp:reportsTo
|
gptkb:PwC
gptkb:US_Department_of_Justice
gptkb:CrowdStrike
gptkb:FireEye
gptkb:Mandiant
gptkb:Symantec
|
|
gptkbp:suspect
|
gptkb:Chinese_government
|
|
gptkbp:target
|
gptkb:textile_industry
aerospace industry
healthcare sector
government organizations
managed service providers
telecommunications sector
defense contractors
biotechnology sector
|
|
gptkbp:TTPs
|
living off the land
custom malware development
use of legitimate credentials
use of compromised MSPs to access client networks
|
|
gptkbp:usesMalware
|
gptkb:PlugX
gptkb:QuasarRAT
gptkb:Cloud_Hopper
gptkb:Poison_Ivy
gptkb:HAYMAKER
gptkb:RedLeaves
ChChes
REDBALDKNIGHT
|
|
gptkbp:bfsParent
|
gptkb:Cloud_Hopper
gptkb:APT10
|
|
gptkbp:bfsLayer
|
8
|