CNG0136

IndigoZebraIndigoZebra

Also known as: IndigoZebra

Origin
CN
Known aliases
1

Profile

IndigoZebra is a Chinese state-sponsored actor mentioned for the first time by Kaspersky in its APT Trends report Q2 2017, targeting, at the time of its discovery, former Soviet Republics with multiple malware strains including Meterpreter, Poison Ivy, xDown, and a previously unknown backdoor called “xCaon.”

Aliases· 1

IndigoZebra

MITRE ATT&CK Group crosswalk

G0136

References

  1. https://research.checkpoint.com/2021/indigozebra-apt-continues-to-attack-central-asia-with-evolving-tools/
  2. https://www.rewterz.com/rewterz-news/rewterz-threat-intel-indigozebra-apt-group-targeting-central-asia-active-iocs
  3. https://securelist.com/apt-trends-report-q2-2017/79332/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
MUSTANG PANDA
Actor
DAGGER PANDA
Actor
APT31
Actor
QUILTED TIGER
Actor
RAZOR TIGER
Software
xCaon
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.