Organization:APT40

From HandWiki
Short description: Advanced persistent threat located in China
Leviathan
Formationc. 2009[1]
TypeAdvanced persistent threat
PurposeCyberespionage,
HeadquartersHainan Province
Region
China
MethodsMalware, Zero-days, Phishing, backdoor (computing), RAT, Keylogging
Official language
Chinese
Parent organization
Ministry of State Security
Formerly called
APT40
Kryptonite Panda
Hellsing
Leviathan
TEMP.Periscope
Temp.Jumper
Gadolinium
GreenCrash
Bronze Mohawk

APT40 (also known as BRONZE MOHAWK (by Secureworks),[1] FEVERDREAM, G0065, Gadolinium (by Microsoft),[2] GreenCrash, Hellsing (by Kaspersky),[3] Kryptonite Panda (by Crowdstrike), Leviathan (by Proofpoint),[4] MUDCARP, Periscope, Temp.Periscope, and Temp.Jumper) is an advanced persistent threat located in Haikou, Hainan Province, People's Republic of China (PRC), and has been active since at least 2009. APT40 has targeted governmental organizations, companies, and universities in a wide range of industries, including biomedical, robotics, and maritime research, across the United States , Canada , Europe, the Middle East, and the South China Sea area, as well as industries included in China's Belt and Road Initiative.[5]

APT40 is closely connected to Hafnium.[6]

Indictment

On July 19, 2021, the U.S. Department of Justice (DOJ) unsealed an indictment against four APT40 cyber actors for their illicit computer network exploitation activities via front company Hainan Xiandun Technology Development Company.[5]

See also

References