IndigoZebra  (Back to overview)

IndigoZebra is a Chinese state-sponsored actor mentioned for the first time by Kaspersky in its APT Trends report Q2 2017, targeting, at the time of its discovery, former Soviet Republics with multiple malware strains including Meterpreter, Poison Ivy, xDown, and a previously unknown backdoor called “xCaon.”

Associated Families

There are currently no families associated with this actor.

2021-07-02Rewterz Information SecurityRewterz Information Security
Rewterz Threat Intel – IndigoZebra APT Group Targeting Central Asia – Active IOCs
2021-07-01Check PointCheck Point Research
IndigoZebra APT continues to attack Central Asia with evolving tools
BoxCaon xCaon IndigoZebra
2017-08-08Kaspersky LabsGReAT
APT Trends report Q2 2017

Credits: MISP Project