SYMBOLCOMMON_NAMEaka. SYNONYMS

APT22  (Back to overview)

aka: G0039, Suckfly, BRONZE OLIVE, Group 46

Suckfly is a China-based threat group that has been active since at least 2014


Associated Families

There are currently no families associated with this actor.


References
2022-08-04MandiantMandiant
@online{mandiant:20220804:advanced:afb8956, author = {Mandiant}, title = {{Advanced Persistent Threats (APTs)}}, date = {2022-08-04}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/insights/apt-groups}, language = {English}, urldate = {2022-08-30} } Advanced Persistent Threats (APTs)
APT1 APT10 APT12 APT14 APT15 APT16 APT17 APT18 APT19 APT2 APT20 APT21 APT22 APT23 APT24 APT27 APT3 APT30 APT31 APT4 APT40 APT5 APT9 Naikon
2020SecureworksSecureWorks
@online{secureworks:2020:bronze:472aea8, author = {SecureWorks}, title = {{BRONZE OLIVE}}, date = {2020}, organization = {Secureworks}, url = {https://www.secureworks.com/research/threat-profiles/bronze-olive}, language = {English}, urldate = {2020-05-23} } BRONZE OLIVE
ANGRYREBEL PlugX APT22
2019MITREMITRE ATT&CK
@online{attck:2019:suckfly:686a402, author = {MITRE ATT&CK}, title = {{Group description: Suckfly}}, date = {2019}, organization = {MITRE}, url = {https://attack.mitre.org/groups/G0039/}, language = {English}, urldate = {2019-12-20} } Group description: Suckfly
APT22
2016-06-02IBM X-Force ExchangeDoug Franklin
@online{franklin:20160602:suckfly:0b3ee55, author = {Doug Franklin}, title = {{Suckfly APT}}, date = {2016-06-02}, organization = {IBM X-Force Exchange}, url = {https://exchange.xforce.ibmcloud.com/collection/Suckfly-APT-aa8af56fd12d25c98fc49ca5341160ab}, language = {English}, urldate = {2022-08-30} } Suckfly APT
APT22
2016-05-17SymantecJon DiMaggio
@online{dimaggio:20160517:indian:98dff05, author = {Jon DiMaggio}, title = {{Indian organizations targeted in Suckfly attacks}}, date = {2016-05-17}, organization = {Symantec}, url = {https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7a60af1f-7786-446c-976b-7c71a16e9d3b&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments}, language = {English}, urldate = {2020-04-21} } Indian organizations targeted in Suckfly attacks
APT22
2016-04-16SlideShareC. Truncer
@online{truncer:20160416:ever:580dbfc, author = {C. Truncer}, title = {{Ever Present Persistence - Established Footholds Seen in the Wild}}, date = {2016-04-16}, organization = {SlideShare}, url = {http://www.slideshare.net/CTruncer/ever-present-persistence-established-footholds-seen-in-the-wild}, language = {English}, urldate = {2020-01-07} } Ever Present Persistence - Established Footholds Seen in the Wild
APT22
2016-03-15SymantecJon DiMaggio
@online{dimaggio:20160315:suckfly:a1c8359, author = {Jon DiMaggio}, title = {{Suckfly: Revealing the secret life of your code signing certificates}}, date = {2016-03-15}, organization = {Symantec}, url = {https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=62e325ae-f551-4855-b9cf-28a7d52d1534&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments}, language = {English}, urldate = {2020-04-21} } Suckfly: Revealing the secret life of your code signing certificates
APT22

Credits: MISP Project