SYMBOLCOMMON_NAMEaka. SYNONYMS

Naikon  (Back to overview)

aka: BRONZE GENEVA, BRONZE STERLING, Camerashy, G0013, G0019, Naikon, OVERRIDE PANDA, PLA Unit 78020

Kaspersky described Naikon in a 2015 report as: 'The Naikon group is mostly active in countries such as the Philippines, Malaysia, Cambodia, Indonesia, Vietnam, Myanmar, Singapore, and Nepal, hitting a variety of targets in a very opportunistic way.'


Associated Families
win.nebulae win.ariabody win.naikon win.sslmm win.sys10 win.winmm win.xsplus

References
2023-09-25cocomelonccocomelonc
Malware development trick - part 36: Enumerate process modules. Simple C++ example.
4h_rat Aria-body
2022-08-04MandiantMandiant
Advanced Persistent Threats (APTs)
APT1 APT10 APT12 APT14 APT15 APT16 APT17 APT18 APT19 APT2 APT20 APT21 APT22 APT23 APT24 APT27 APT3 APT30 APT31 APT4 APT40 APT5 APT9 Naikon
2022-05-04CywareCyware
Chinese Naikon Group Back with New Espionage Attack
APT30 Naikon
2022-04-29Cluster25Cluster25
The LOTUS PANDA Is Awake, Again. Analysis Of Its Last Strike.
APT30 Naikon
2021-09-29Medium BlueMonkeyBlueMonkey
Aria-Body Loader? Is that you?
Aria-body
2021-08-03CybereasonAssaf Dahan, Daniel Frank, Lior Rochberger, Tom Fakterman
DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos
CHINACHOPPER Cobalt Strike MimiKatz Nebulae
2021-05-06Twitter (@SyscallE)NtUnmapViewOfSection
Tweet on short analysis of Nebulae Backdoor
Nebulae
2021-04-29SecurityWeekIonut Arghire
Chinese Cyberspies Target Military Organizations in Asia With New Malware
Nebulae
2021-04-28BitdefenderBogdan Botezatu, Victor Vrabie
New Nebulae Backdoor Linked with the NAIKON Group
Nebulae
2021-04-28BleepingComputerSergiu Gatlan
Cyberspies target military organizations with new Nebulae backdoor
Nebulae
2020-09-03Kaspersky LabsDavid Emm
IT threat evolution Q2 2020
PhantomLance Aria-body COMpfun Vicious Panda
2020-05-08Kaspersky LabsGReAT
Naikon’s Aria
Aria-body
2020-05-07CheckpointCheck Point Research
Naikon APT: Cyber Espionage Reloaded
Aria-body
2020-01-01SecureworksSecureWorks
BRONZE GENEVA
backspace APT30 Naikon
2019-11-19FireEyeKelli Vanderlee, Nalani Fraser
Achievement Unlocked: Chinese Cyber Espionage Evolves to Support Higher Level Missions
APT1 APT10 APT2 APT26 APT3 APT30 APT41 Naikon Tonto Team
2019-01-01MITREMITRE ATT&CK
Group description: Naikon
APT30 Naikon
2017-08-24Kaspersky LabsKaspersky
Naikon Targeted Attacks
APT30 Naikon
2015-05-29Kaspersky LabsKurt Baumgartner, Maxim Golovkin
THE MsnMM CAMPAIGNS: The Earliest Naikon APT Campaigns
APT30 Naikon
2015-05-14Kaspersky LabsKurt Baumgartner, Maxim Golovkin
The Naikon APT
Naikon SslMM Sys10 WinMM xsPlus APT30 Naikon
2015-05-01Kaspersky LabsKurt Baumgartner, Maxim Golovkin
The MsnMM Campaigns - The Earliest Naikon APTCampaigns
SslMM Sys10 WinMM xsPlus
2015-04-01FireEyeFireEye
APT30 AND THE MECHANICS OF A LONG-RUNNING CYBER ESPIONAGE OPERATION
BACKBEND backspace CREAMSICLE FLASHFLOOD GEMCUTTER MILKMAID Naikon NETEAGLE ORANGEADE SHIPSHAPE SPACESHIP SslMM Sys10 WinMM xsPlus APT30
2015-02-06CrowdStrikeCrowdStrike
CrowdStrike Global Threat Intel Report 2014
BlackPOS CryptoLocker Derusbi Elise Enfal EvilGrab Gameover P2P HttpBrowser Medusa Mirage Naikon NetTraveler pirpi PlugX Poison Ivy Sakula RAT Sinowal sykipot taidoor
2015-01-01ThreatConnectThreatConnect
Naikon Tag in ThreatConnect Blogs
APT30 Naikon
2014-03-25FireEyeAlex Lanstein, Ned Moran
Spear Phishing the News Cycle: APT Actors Leverage Interest in the Disappearance of Malaysian Flight MH 370
APT30 Naikon
2013-02-27Trend MicroAbraham Camba
BKDR_RARSTONE: New RAT to Watch Out For
PlugX Naikon

Credits: MISP Project