CN

Unfading Sea HazeUnfading Sea Haze

Also known as: Unfading Sea Haze

Origin
CN
Known aliases
1

Profile

Unfading Sea Haze is a threat actor focused on espionage, targeting government and military organizations in the South China Sea region since 2018. They employ spear-phishing emails with malicious attachments to gain initial access, followed by the deployment of custom malware such as Gh0st RAT variants and SharpJSHandler. The group utilizes scheduled tasks and manipulates local administrator accounts for persistence, while also incorporating Remote Monitoring and Management tools into their attacks. Unfading Sea Haze demonstrates a sophisticated and patient approach, remaining undetected for years and showing adaptability through evolving exfiltration tactics and malware arsenal.

Aliases· 1

Unfading Sea Haze

References

  1. https://www.securityweek.com/newly-detected-chinese-group-targeting-military-government-entities/
  2. https://www.bleepingcomputer.com/news/security/unfading-sea-haze-hackers-hide-on-military-and-govt-networks-for-6-years/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
PurpleHaze
Actor
UNG0002
Actor
Flax Typhoon
Actor
UNC2717
Actor
UNC2814
Actor
ChainedShark
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.