
APT1

aka: Brown Fox, Byzantine Candor, COMMENT PANDA, Comment Crew, Comment Group, G0006, GIF89a, Group 3, PLA Unit 61398, ShadyRAT, TG-8223

PLA Unit 61398 (Chinese: 61398部队, Pinyin: 61398 bùduì) is the Military Unit Cover Designator (MUCD)[1] of a People's Liberation Army advanced persistent threat unit that has been alleged to be a source of Chinese computer hacking attacks.


Associated Families
win.auriga win.bangat win.biscuit win.bouncer win.combos win.cookiebag win.dairy win.getmail win.glooxmail win.goggles win.hacksfase win.helauto win.kurton win.manitsme win.mapiget win.miniasp win.newsreels win.seasalt win.starsypound win.sword win.tabmsgsql win.tarsip win.webc2_adspace win.webc2_ausov win.webc2_bolid win.webc2_cson win.webc2_div win.webc2_greencat win.webc2_head win.webc2_kt3 win.webc2_qbp win.webc2_rave win.webc2_table win.webc2_ugx win.webc2_yahoo

References
2022-08-04 | Mandiant | Mandiant
Advanced Persistent Threats (APTs)
APT1 APT10 APT12 APT14 APT15 APT16 APT17 APT18 APT19 APT2 APT20 APT21 APT22 APT23 APT24 APT27 APT3 APT30 APT31 APT4 APT40 APT5 APT9 Naikon

2019-11-19 | FireEye | Kelli Vanderlee, Nalani Fraser
Achievement Unlocked: Chinese Cyber Espionage Evolves to Support Higher Level Missions
APT1 APT10 APT2 APT26 APT3 APT30 APT41 Naikon Tonto Team

2019-01-01 | Council on Foreign Relations | Cyber Operations Tracker
PLA Unit 61398
APT1

2019-01-01 | MITRE | MITRE ATT&CK
Group description: APT1
APT1

2018-10-18 | McAfee | Asheer Malhotra, Ryan Sherstobitoff
‘Operation Oceansalt’ Attacks South Korea, U.S., and Canada With Source Code From Chinese Hacker Group
Oceansalt APT1

2018-10-17 | Raj Samani, Ryan Sherstobitoff
‘Operation Oceansalt’ Delivers Wave After Wave
APT1

2018-01-01 | FireEye | FireEye
The Forrester New Wave™: External Threat Intelligence Services, Q3 2018.
APT1

2018-01-01 | Mandiant | Mandiant
APT1
Auriga Biscuit Bouncer Combos CookieBag Dairy GetMail GlooxMail Goggles Hacksfase Helauto Kurton ManItsMe MAPIget MiniASP NewsReels SeaSalt StarsyPound Sword TabMsgSQL Tarsip WebC2-AdSpace WebC2-Ausov WebC2-Bolid WebC2-Cson WebC2-DIV WebC2-GreenCat WebC2-Head WebC2-Kt3 WebC2-Qbp WebC2-Rave WebC2-Table WebC2-UGX WebC2-Yahoo

2014-05-19 | The New York Times | David E. Sanger, Michael S. Schmidt
5 in China Army Face U.S. Charges of Cyberattacks
APT1

2014-03-12 | FireEye | Mike Oppenheim, Ned Moran
A Detailed Examination of the Siesta Campaign
APT1 Siesta

2014-03-06 | Trend Micro | Maharlito Aquino
The Siesta Campaign: A New Targeted Attack Awakens
APT1

2013-02-20 | FireEye | Mandiant
APT 1 Malware Arsenal Technical Annex
bangat

2013-02-19 | Wikipedia | Various
PLA Unit 61398
APT1

2013-02-19 | FireEye | FireEye
APT1: Exposing One of China’s Cyber Espionage Units
APT1

2013-02-19 | Symantec | A L Johnson
APT1: Q&A on Attacks by the Comment Crew
APT1

Credits: MISP Project