| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Grayling activity was first observed in early 2023, when a number of victims were identified with distinctive malicious DLL side-loading activity. Grayling appears to target organisations in Asia, however one unknown organisation in the United States was also targeted. Industries targeted include Biomedical, Government and Information Technology. Grayling use a variety of tools during their attacks, including well known tools such as Cobalt Strike and Havoc and also some others.
There are currently no families associated with this actor.
| 2023-10-10
⋅
Symantec
⋅
Grayling: Previously Unseen Threat Actor Targets Multiple Organizations in Taiwan Cobalt Strike Havoc MimiKatz Grayling |