CNChinaconfidence: 50

GraylingGrayling

Also known as: Grayling

Origin
CN
Known aliases
1
Target sectors
3
Attribution
State-sponsored

Profile

Grayling activity was first observed in early 2023, when a number of victims were identified with distinctive malicious DLL side-loading activity. Grayling appears to target organisations in Asia, however one unknown organisation in the United States was also targeted. Industries targeted include Biomedical, Government and Information Technology. Grayling use a variety of tools during their attacks, including well known tools such as Cobalt Strike and Havoc and also some others.

Aliases· 1

Grayling

Target sectors· 3

BiomedicalGovernmentInformation technology

Known victims· 4

  • Taiwan
  • United States
  • Vietnam
  • Solomon Islands

References

  1. https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/grayling-taiwan-cyber-attacks

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
GreyVibe
Actor
GreyEnergy
Actor
GrayCharlie
Actor
Gray Sandstorm
Actor
GrayBravo
Actor
BRONZE STARLIGHT
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.