G0065
G0065Leviathan
Description
[Leviathan](https://attack.mitre.org/groups/G0065) is a Chinese state-sponsored cyber espionage group that has been attributed to the Ministry of State Security's (MSS) Hainan State Security Department and an affiliated front company.(Citation: CISA AA21-200A APT40 July 2021) Active since at least 2009, [Leviathan](https://attack.mitre.org/groups/G0065) has targeted the following sectors: academia, aerospace/aviation, biomedical, defense industrial base, government, healthcare, manufacturing, maritime, and transportation across the US, Canada, Europe, the Middle East, and Southeast Asia.(Citation: CISA AA21-200A APT40 July 2021)(Citation: Proofpoint Leviathan Oct 2017)(Citation: FireEye Periscope March 2018)
References
- https://attack.mitre.org/groups/G0065
- https://www.accenture.com/us-en/blogs/cyber-defense/mudcarps-focus-on-submarine-technologies
- https://www.crowdstrike.com/blog/two-birds-one-stone-panda/
- https://www.proofpoint.com/us/threat-insight/post/leviathan-espionage-actor-spearphishes-maritime-and-defense-targets
- https://www.microsoft.com/security/blog/2020/09/24/gadolinium-detecting-empires-cloud/
- https://us-cert.cisa.gov/ncas/alerts/aa21-200a
- https://www.fireeye.com/blog/threat-research/2018/03/suspected-chinese-espionage-group-targeting-maritime-and-engineering-industries.html
- https://www.fireeye.com/blog/threat-research/2019/03/apt40-examining-a-china-nexus-espionage-actor.html
- https://www.secureworks.com/research/threat-profiles/bronze-mohawk
Software attributed to this4
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Software | BADFLICKs0642 | 100% | live |
| Software | NanHaiShus0228 | 100% | live |
| Software | MURKYTOPs0233 | 95% | live |
| Software | HOMEFRYs0232 | 95% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.