【要点】
◎中国の標的型攻撃組織(Actor)
【目次】
概要
【辞書】
◆Ke3chang (ATT&CK)
https://attack.mitre.org/wiki/Group/G0004
【別名】
| 組織名 | 命名組織・名称使用組織 |
|---|---|
| APT15 | FireEye |
| Ke3chang | |
| Mirage | |
| Vixen Panda | Crowdstrike |
| GREF | |
| Playful Dragon | |
| Albacore | iDefense |
| Lurid | iDefense |
| Social Network Team | |
| Enfal | |
| Newtcli | |
| Hellsing | |
| RoyalAPT | |
| Nickel | Microsoft |
【作戦】
- Operation Ke3chang
【最新情報】
◆Connection discovered between Chinese hacker group APT15 and defense contractor (ZDNet, 2020/07/02 01:25)
APT15と中国政府の政府防衛請負業者の間に関係
https://www.zdnet.com/article/connection-discovered-between-chinese-hacker-group-apt15-and-defense-contractor/
⇒ https://malware-log.hatenablog.com/entry/2020/07/02/000000_6
◆Mobile APT Surveillance Campaigns Targeting Uyghurs (Lookout, 2020/06)
A collection of long-running Android tooling connected to a Chinese mAPT actor
https://www.lookout.com/documents/threat-reports/us/lookout-uyghur-malware-tr-us.pdf
⇒ https://malware-log.hatenablog.com/entry/2020/06/30/000000_8
記事
【ニュース】
◆APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS (nccgroup, 2018/03/10)
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/
⇒ https://malware-log.hatenablog.com/entry/2018/03/10/000000
◆China-Linked APT15 used new backdoors in attack against UK Government’s service provider (Security Affairs, 2018/03/12)
http://securityaffairs.co/wordpress/70140/hacking/apt15-uk-gov-contractor.html
⇒ https://malware-log.hatenablog.com/entry/2018/03/12/000000_4
◆CHINA-LINKED APT15 USED MYRIAD OF NEW TOOLS TO HACK UK GOVERNMENT CONTRACTOR (threatpost, 2018/03/13 12:16)
https://threatpost.com/china-linked-apt15-used-myriad-of-new-tools-to-hack-uk-government-contractor/130376/
⇒ https://malware-log.hatenablog.com/entry/2018/03/13/000000_4
◆Ancient ICEFOG APT malware spotted again in new wave of attacks (ZDNet, 2019/06/07 15:30)
ICEFOG malware resurfaces in the arsenal of multiple Chinese cyber-espionage groups, not just one.
https://www.zdnet.com/article/ancient-icefog-apt-malware-spotted-again-in-new-wave-of-attacks/
⇒ https://malware-log.hatenablog.com/entry/2019/06/07/000000_8
◆Connection discovered between Chinese hacker group APT15 and defense contractor (ZDNet, 2020/07/02 01:25)
APT15と中国政府の政府防衛請負業者の間に関係
https://www.zdnet.com/article/connection-discovered-between-chinese-hacker-group-apt15-and-defense-contractor/
⇒ https://malware-log.hatenablog.com/entry/2020/07/02/000000_6
【ブログ】
◆Trend Micro Exposes LURID APT (Trendmicro, 2011/09/22)
https://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-exposes-lurid-apt/
⇒ https://malware-log.hatenablog.com/entry/2018/03/10/000000
【資料】
◆Mobile APT Surveillance Campaigns Targeting Uyghurs (Lookout, 2020/06)
A collection of long-running Android tooling connected to a Chinese mAPT actor
https://www.lookout.com/documents/threat-reports/us/lookout-uyghur-malware-tr-us.pdf
⇒ https://malware-log.hatenablog.com/entry/2020/06/30/000000_8
【IoT情報】
◆APT15 (2018/03/10)
https://ioc.hatenablog.com/entry/2018/03/10/000000
関連情報
【関連まとめ記事】
◆標的型攻撃組織 / APT (まとめ)
https://malware-log.hatenablog.com/entry/APT