Threat Trend Report on APT Groups
Common Information
| Type | Value |
|---|---|
| UUID | c9367b9e-3920-4abd-9503-4e9d01428714 |
| Fingerprint | 29be53393c6dee53af6ddf37bd34f9adedf618334c1e6981ba519d50d3177810 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 10, 2023, 9:26 a.m. |
| Added to db | July 4, 2024, 3:32 p.m. |
| Last updated | Aug. 31, 2024, 8:57 a.m. |
| Headline | Threat Trend Report on APT Groups |
| Title | Threat Trend Report on APT Groups |
| Detected Hints/Tags/Attributes | 188/3/66 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 76 | cve-2022-47966 |
|
| Details | CVE | 122 | cve-2022-26134 |
|
| Details | CVE | 184 | cve-2021-26855 |
|
| Details | CVE | 38 | cve-2022-39952 |
|
| Details | CVE | 43 | cve-2021-22205 |
|
| Details | CVE | 6 | cve-2019-9621 |
|
| Details | CVE | 168 | cve-2021-34473 |
|
| Details | CVE | 142 | cve-2021-34523 |
|
| Details | CVE | 143 | cve-2021-31207 |
|
| Details | CVE | 133 | cve-2023-38831 |
|
| Details | Domain | 83 | cert.gov.ua |
|
| Details | Domain | 50 | webhook.site |
|
| Details | Domain | 182 | www.mandiant.com |
|
| Details | Domain | 68 | cn-sec.com |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 604 | www.trendmicro.com |
|
| Details | Domain | 36 | www.volexity.com |
|
| Details | Domain | 224 | unit42.paloaltonetworks.com |
|
| Details | Domain | 44 | atip.ahnlab.com |
|
| Details | Domain | 22 | www.genians.co.kr |
|
| Details | Domain | 189 | asec.ahnlab.com |
|
| Details | Domain | 37 | blog.alyac.co.kr |
|
| Details | Domain | 124 | www.sentinelone.com |
|
| Details | Domain | 54 | www.ahnlab.com |
|
| Details | File | 1 | headless-and-mocking-apis.html |
|
| Details | File | 1 | 2030846.html |
|
| Details | File | 3 | earth-lusca-employs-new-linux-backdoor.html |
|
| Details | File | 1 | wallet_screenshot_2023_09_06_qbao_network.rar |
|
| Details | File | 3 | screenshot_2023_09_06_qbao_network.html |
|
| Details | File | 4 | apt34-deploys-phishing-attack-with-new-malware.html |
|
| Details | Threat Actor Identifier - APT | 783 | APT28 |
|
| Details | Threat Actor Identifier - APT | 665 | APT29 |
|
| Details | Threat Actor Identifier - APT | 181 | APT33 |
|
| Details | Threat Actor Identifier - APT | 297 | APT27 |
|
| Details | Threat Actor Identifier - APT | 277 | APT37 |
|
| Details | Threat Actor Identifier - APT | 258 | APT34 |
|
| Details | Threat Actor Identifier - APT | 522 | APT41 |
|
| Details | Url | 7 | https://cert.gov.ua/article/5702579 |
|
| Details | Url | 1 | https://www.splunk.com/en_us/blog/security/mockbin-and-the-art-of-deception-tracing-adversaries-going- |
|
| Details | Url | 3 | https://www.mandiant.com/resources/blog/apt29-evolving-diplomatic-phishing |
|
| Details | Url | 1 | https://www.microsoft.com/en-us/security/blog/2023/09/14/peach-sandstorm-password-spray-campaigns-enable- |
|
| Details | Url | 1 | https://cn-sec.com/archives/2030846.html |
|
| Details | Url | 1 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-270a |
|
| Details | Url | 1 | https://www.welivesecurity.com/en/eset-research/sponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike- |
|
| Details | Url | 1 | https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/dark-river-you-can-t-see-them-but-they- |
|
| Details | Url | 3 | https://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.html |
|
| Details | Url | 2 | https://www.volexity.com/blog/2023/09/22/evilbamboo-targets-mobile-devices-in-multi-year-campaign |
|
| Details | Url | 2 | https://unit42.paloaltonetworks.com/alloy-taurus-targets-se-asian-government |
|
| Details | Url | 4 | https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia |
|
| Details | Url | 1 | https://atip.ahnlab.com/ti/contents/regular-report/monthly?i=a2fd94d8 |
|
| Details | Url | 252 | https://medium.com |
|
| Details | Url | 1 | https://www.genians.co.kr/blog/konniapt |
|
| Details | Url | 1 | https://www.welivesecurity.com/en/eset-research/lazarus-luring-employees-trojanized-coding-challenges-case- |
|
| Details | Url | 1 | https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/budworm-tool-update-telecoms-govt |
|
| Details | Url | 2 | https://unit42.paloaltonetworks.com/stately-taurus-attacks-se-asian-government |
|
| Details | Url | 2 | https://www.welivesecurity.com/en/eset-research/oilrigs-outer-space-juicy-mix-same-ol-rig-new-drill-pipes |
|
| Details | Url | 3 | https://www.trendmicro.com/en_us/research/23/i/apt34-deploys-phishing-attack-with-new-malware.html |
|
| Details | Url | 1 | https://asec.ahnlab.com/en/56756 |
|
| Details | Url | 1 | https://asec.ahnlab.com/en/56857 |
|
| Details | Url | 1 | https://blog.alyac.co.kr/52519 |
|
| Details | Url | 2 | https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/critical-infrastructure-attacks |
|
| Details | Url | 3 | https://www.sentinelone.com/labs/sandman-apt-a-mystery-group-targeting-telcos-with-a-luajit-toolkit |
|
| Details | Url | 2 | https://www.welivesecurity.com/en/eset-research/stealth-falcon-preying-middle-eastern-skies-deadglyph |
|
| Details | Url | 1 | https://www.sentinelone.com/labs/capratube-transparent-tribes-caprarat-mimics-youtube-to-hijack-android- |
|
| Details | Url | 34 | https://www.ahnlab.com |
|
| Details | Url | 34 | https://asec.ahnlab.com/en |