|
gptkbp:instanceOf
|
hacker
|
|
gptkbp:activeYearsStart
|
2009
|
|
gptkbp:alsoKnownAs
|
gptkb:Blackfly
gptkb:APT41
gptkb:Wicked_Panda
BARIUM
|
|
gptkbp:associatedWith
|
gptkb:Bronze_Atlas
gptkb:APT10
gptkb:APT17
Bronze Riverside
|
|
gptkbp:connectsTo
|
gptkb:Ministry_of_State_Security_(China)
gptkb:Chinese_government
|
|
gptkbp:countryOfOrigin
|
gptkb:China
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Winnti
|
|
gptkbp:language
|
gptkb:Chinese
|
|
gptkbp:mainActivity
|
cybercrime
financially motivated cybercrime
|
|
gptkbp:motive
|
espionage
financial gain
|
|
gptkbp:notableBattle
|
gptkb:CCleaner_supply_chain_attack
gptkb:Operation_ShadowHammer
attacks on German chemical companies
attacks on Hong Kong universities
attacks on video game companies
|
|
gptkbp:notableTool
|
gptkb:PlugX
gptkb:LEMONDUCK
gptkb:ShadowPad
gptkb:Skip-2.0
gptkb:Winnti_backdoor
gptkb:Crosswalk
DEADPOOL
|
|
gptkbp:region
|
gptkb:Asia
gptkb:Europe
gptkb:North_America
global
|
|
gptkbp:reportsTo
|
gptkb:Microsoft
gptkb:CrowdStrike
gptkb:ESET
gptkb:FireEye
gptkb:Kaspersky_Lab
gptkb:Mandiant
gptkb:Symantec
gptkb:Trend_Micro
gptkb:Secureworks
|
|
gptkbp:target
|
gptkb:video_game
universities
pharmaceutical industry
government organizations
telecommunications industry
software companies
|
|
gptkbp:TTPs
|
living off the land techniques
supply chain attacks
watering hole attacks
credential theft
lateral movement
custom malware development
|
|
gptkbp:usesMalware
|
gptkb:PlugX
gptkb:LEMONDUCK
gptkb:ShadowPad
gptkb:Skip-2.0
gptkb:Winnti_malware
gptkb:Crosswalk
DEADPOOL
|
|
gptkbp:bfsParent
|
gptkb:Chinese_hackers
|
|
gptkbp:bfsLayer
|
7
|