SYMBOLCOMMON_NAMEaka. SYNONYMS

APT 30  (Back to overview)

aka: APT30

APT 30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appear to be exact matches.


Associated Families
win.backbend win.backspace win.creamsicle win.flashflood win.gemcutter win.milkmaid win.neteagle win.orangeade win.rctrl win.rhttpctrl win.shipshape win.spaceship

References
2020-06-19Positive TechnologiesAlexey Vishnyakov
@online{vishnyakov:20200619:eagle:01efbbd, author = {Alexey Vishnyakov}, title = {{The eagle eye is back: old and new backdoors from APT30}}, date = {2020-06-19}, organization = {Positive Technologies}, url = {https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/eagle-eye-is-back-apt30/}, language = {English}, urldate = {2020-06-20} } The eagle eye is back: old and new backdoors from APT30
backspace NETEAGLE RCtrl RHttpCtrl APT 30
2020SecureworksSecureWorks
@online{secureworks:2020:bronze:f4862d1, author = {SecureWorks}, title = {{BRONZE GENEVA}}, date = {2020}, organization = {Secureworks}, url = {https://www.secureworks.com/research/threat-profiles/bronze-geneva}, language = {English}, urldate = {2020-05-23} } BRONZE GENEVA
backspace Naikon
2019-03-22MITREMITRE
@online{mitre:20190322:apt30:83830f2, author = {MITRE}, title = {{APT30}}, date = {2019-03-22}, organization = {MITRE}, url = {https://attack.mitre.org/wiki/Group/G0013}, language = {English}, urldate = {2020-01-09} } APT30
APT 30
2019Council on Foreign RelationsCyber Operations Tracker
@online{tracker:2019:30:a7aecdd, author = {Cyber Operations Tracker}, title = {{APT 30}}, date = {2019}, organization = {Council on Foreign Relations}, url = {https://www.cfr.org/interactive/cyber-operations/apt-30}, language = {English}, urldate = {2019-12-20} } APT 30
APT 30 Naikon
2015-04FireEyeFireEye
@techreport{fireeye:201504:apt30:0129bf7, author = {FireEye}, title = {{APT30 AND THE MECHANICS OF A LONG-RUNNING CYBER ESPIONAGE OPERATION}}, date = {2015-04}, institution = {FireEye}, url = {https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf}, language = {English}, urldate = {2020-01-07} } APT30 AND THE MECHANICS OF A LONG-RUNNING CYBER ESPIONAGE OPERATION
BACKBEND backspace CREAMSICLE FLASHFLOOD GEMCUTTER MILKMAID Naikon NETEAGLE ORANGEADE SHIPSHAPE SPACESHIP SslMM Sys10 WinMM xsPlus APT 30

Credits: MISP Project