PurpleHaze

Also known as: PurpleHaze

Origin: CN
Known aliases: 1

Profile

PurpleHaze is a China-nexus threat actor tracked by SentinelLABS, linked to APT15, known for targeting critical infrastructure sectors such as telecommunications and government organizations. The actor has been associated with reconnaissance attempts against SentinelOne and has utilized ShadowPad, a modular backdoor platform, for cyberespionage and potential ransomware deployment. Investigations are ongoing to determine overlaps between ShadowPad intrusions and PurpleHaze activity, highlighting the extensive sharing of malware and operational practices among Chinese threat groups. The targeting of third-party service providers has raised significant concerns regarding operational security and supply chain monitoring.

Aliases · 1

PurpleHaze

References

  1. https://www.sentinelone.com/labs/top-tier-target-what-it-takes-to-defend-a-cybersecurity-company-from-todays-adversaries/

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor: Unfading Sea Haze
Actor: APT15
Actor: IndigoZebra
Actor: APT-C-12
Actor: MUSTANG PANDA
Actor: LilacSquid

Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.