G0096 APT41

Description

[APT41](https://attack.mitre.org/groups/G0096) is a threat group that researchers have assessed as a Chinese state-sponsored espionage group that also conducts financially-motivated operations. Active since at least 2012, [APT41](https://attack.mitre.org/groups/G0096) has been observed targeting healthcare, telecom, technology, and video game industries in 14 countries. [APT41](https://attack.mitre.org/groups/G0096) overlaps at least partially with public reporting on groups including BARIUM and [Winnti Group](https://attack.mitre.org/groups/G0044). (Citation: FireEye APT41 Aug 2019) (Citation: Group IB APT 41 June 2021)

References

  1. https://attack.mitre.org/groups/G0096
  2. https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf
  3. https://www.mandiant.com/sites/default/files/2022-02/rt-apt41-dual-operation.pdf
  4. https://www.group-ib.com/blog/colunmtk-apt41/

Software attributed to this · 3

| Type | Target | Confidence | Tier |
| --- | --- | --- | --- |
| Software | MESSAGETAP (s0443) | 100% | live |
| Software | ShadowPad (s0596) | 95% | live |
| Software | DEADEYE (s1052) | 95% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

- Group: TA459
- Group: APT17
- Group: Winnti Group
- Group: APT19
- Group: APT-C-36
- Group: APT30

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.