RedAlpha

aka: DeepCliff, Red Dev 3

Recorded Future’s Insikt Group has identified two new cyberespionage campaigns targeting the Tibetan Community over the past two years. The campaigns, which we are collectively naming RedAlpha, combine light reconnaissance, selective targeting, and diverse malicious tooling. We discovered this activity as the result of pivoting off of a new malware sample observed targeting the Tibetan community based in India.


Associated Families

There are currently no families associated with this actor.


References
2022-08-16 · Recorded Future · Insikt Group®
RedAlpha Conducts Multi-Year Credential Theft Campaign Targeting Global Humanitarian, Think Tank, and Government Organizations
https://go.recordedfuture.com/hubfs/reports/ta-2022-0816.pdf (retrieved 2022-08-30)
RedAlpha
2022-04-28 · PWC · PWC UK
Cyber Threats 2021: A Year in Retrospect
https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf (retrieved 2023-07-02)
BPFDoor APT15 APT31 APT41 APT9 BlackTech BRONZE EDGEWOOD DAGGER PANDA Earth Lusca HAFNIUM HAZY TIGER Inception Framework LOTUS PANDA QUILTED TIGER RedAlpha Red Dev 17 Red Menshen Red Nue VICEROY TIGER
2018-08-16 · Recorded Future · Insikt Group, Sanil Chohan, Winnona Desombre, Justin Grosfelt
Chinese Cyberespionage Originating From Tsinghua University Infrastructure
https://www.recordedfuture.com/chinese-cyberespionage-operations (retrieved 2023-05-15)
ext4 RedAlpha
2018-06-26 · Recorded Future · Juan Andrés Guerrero-Saade, Sanil Chohan
RedAlpha: New Campaigns Discovered Targeting the Tibetan Community
https://www.recordedfuture.com/redalpha-cyber-campaigns/ (retrieved 2020-01-07)
RedAlpha RedAlpha
2018-06-26 · Recorded Future · Juan Andrés Guerrero-Saade, Sanil Chohan
RedAlpha: New Campaigns Discovered Targeting the Tibetan Community
https://go.recordedfuture.com/hubfs/reports/cta-2018-0626.pdf (retrieved 2020-01-09)
RedAlpha

Credits: MISP Project