Common Information
| Type | Value |
|---|---|
| Value |
GhostEmperor |
| Category | Actor |
| Type | Threat-Actor |
| Misp Type | Cluster |
| Description | GhostEmperor is a Chinese-speaking threat actor that targets government entities and telecom companies in Southeast Asia. They employ a Windows kernel-mode rootkit called Demodex to gain remote control over their targeted servers. The actor demonstrates a high level of sophistication and uses various anti-forensic and anti-analysis techniques to evade detection. They have been active for a significant period of time and continue to pose a threat to their targets. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-11-15 | 0 | Chinas Cyberspione greifen Telefondaten und -gespräche von US-Netzbetreibern ab | ||
| Details | Website | 2024-11-14 | 0 | China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials | ||
| Details | Website | 2024-11-14 | 1 | Massive Telecom Hack Exposes US Officials to Chinese Espionage | ||
| Details | Website | 2024-11-11 | 2 | 美国机构提醒员工限制使用电话,因为 Salt Typhoon 黑客攻击了电信提供商-安全客 - 安全资讯平台 | ||
| Details | Website | 2024-11-10 | 2 | U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
| Details | Website | 2024-11-10 | 2 | U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers | ||
| Details | Website | 2024-11-07 | 4 | China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait | ||
| Details | Website | 2024-10-07 | 0 | 5 Things To Know On The ‘Salt Typhoon’ ISP Hack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
| Details | Website | 2024-10-07 | 0 | US-Netzbetreiber offenbar im Visier chinesischer Cyberkrimineller | ||
| Details | Website | 2024-10-06 | 1 | China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
| Details | Website | 2024-10-06 | 1 | China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems | ||
| Details | Website | 2024-10-04 | 2 | Weekly Cybersecurity News | ||
| Details | Website | 2024-09-30 | 4 | The Daily Tech Digest: 30 September 2024 | ||
| Details | Website | 2024-09-27 | 3 | The Daily Tech Digest: 27 September 2024 | ||
| Details | Website | 2024-09-26 | 5 | China-linked APT group Salt Typhoon compromised some US ISPs | ||
| Details | Website | 2024-09-26 | 0 | Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign | ||
| Details | Website | 2024-09-26 | 0 | Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign - RedPacket Security | ||
| Details | Website | 2024-07-25 | 59 | How APT groups operate in Southeast Asia | ||
| Details | Website | 2023-08-29 | 235 | Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868) | Mandiant | ||
| Details | Website | 2022-01-20 | 84 | MoonBounce: the dark side of UEFI firmware | ||
| Details | Website | 2021-11-26 | 14 | IT threat evolution Q3 2021 | ||
| Details | Website | 2021-07-29 | 14 | APT trends report Q2 2021 | ||
| Details | Website | 2021-07-28 | 3 | GhostEmperor: Chinese-speaking APT targets high-profile victims using unknown rootkit |