G0018

G0018admin@338

Description

[admin@338](https://attack.mitre.org/groups/G0018) is a China-based cyber threat group. It has previously used newsworthy events as lures to deliver malware and has primarily targeted organizations involved in financial, economic, and trade policy, typically using publicly available RATs such as [PoisonIvy](https://attack.mitre.org/software/S0012), as well as some non-public backdoors. (Citation: FireEye admin@338)

References

  1. https://attack.mitre.org/groups/G0018
  2. https://www.fireeye.com/blog/threat-research/2015/11/china-based-threat.html

Software attributed to this2

TypeTargetConfidenceTier
SoftwareLOWBALLs0042100%live
SoftwareBUBBLEWRAPs004395%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
TEMPER PANDA
Group
APT17
Actor
UTA0388
Group
Suckfly
Group
APT18
Group
APT19
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.