
UTG-Q-008


UTG-Q-008 is a threat actor targeting Linux platforms, primarily focusing on government and enterprise entities in China. The actor uses a massive botnet for espionage activities, including reconnaissance, brute-forcing, and Trojan component delivery. The actor has a history of compromising thousands of servers in China using a password dictionary based on Chinese Pinyin. UTG-Q-008 operates during standard working hours in the UTC+8 time zone and has potential ties to Eastern Europe.


Associated Families

There are currently no families associated with this actor.


References
2024-06-04, Qianxin, Red Raindrop Team
Operation Veles: Decade-Long Espionage Targeting the Global Research and Education Sector
UTG-Q-008

Credits: MISP Project