| SYMBOL | COMMON_NAME | aka. SYNONYMS |
UNC2630 is a threat actor believed to be affiliated with the Chinese government. They engage in cyber espionage activities, targeting organizations aligned with Beijing's strategic objectives. UNC2630 demonstrates advanced tradecraft and employs various malware families, including SLOWPULSE and RADIALPULSE, to compromise Pulse Secure VPN appliances. They also utilize modified binaries and scripts to maintain persistence and move laterally within compromised networks.
There are currently no families associated with this actor.
| 2021-05-27
⋅
FireEye
⋅
Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices UNC2630 UNC2717 |