CN

UNC4191UNC4191

Also known as: UNC4191

Origin
CN
Known aliases
1

Profile

UNC4191 is a China-linked threat actor that has been involved in cyber espionage campaigns targeting public and private sectors primarily in Southeast Asia. They have been known to use USB devices as an initial infection vector and have been observed deploying various malware families on infected systems. UNC4191's operations have also extended to the US, Europe, and the Asia Pacific Japan region, with a particular focus on the Philippines.

Aliases· 1

UNC4191

References

  1. https://www.mandiant.com/resources/blog/china-nexus-espionage-southeast-asia
  2. https://therecord.media/espionage-group-using-usb-devices-to-hack-targets-in-southeast-asia/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
UNC6691
Actor
UNC4841
Actor
UNC4990
Actor
UNC4540
Actor
UNC215
Actor
UNC3569
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.