| SYMBOL | COMMON_NAME | aka. SYNONYMS |
The group usually targets vulnerable servers to breach information including internal data from companies or encrypts files and demands money. Their targets of attack are usually Windows servers that are poorly managed or are not patched to the latest version. Besides these, there are also attack cases that targeted email servers or MS-SQL database servers.
There are currently no families associated with this actor.
| 2023-09-11
⋅
AhnLab
⋅
BlueShell Used in APT Attacks Against Korean and Thai Targets BlueShell Sliver Dalbit |
| 2023-09-07
⋅
Sekoia
⋅
My Tea’s not cold. An overview of China’s cyber threat Melofee PingPull SoWaT Sword2033 MgBot MQsTTang PlugX TONESHELL Dalbit MirrorFace |
| 2023-08-22
⋅
AhnLab
⋅
Analysis of APT Attack Cases Targeting Web Services of Korean Corporations Ladon Meterpreter MimiKatz Dalbit |
| 2023-02-13
⋅
AhnLab
⋅
Dalbit (m00nlight): Chinese Hacker Group’s APT Attack Campaign Godzilla Webshell ASPXSpy BlueShell CHINACHOPPER Cobalt Strike Ladon MimiKatz Dalbit |