SYMBOL | COMMON_NAME | aka. SYNONYMS |
Wekby was described by Palo Alto Networks in a 2015 report as: 'Wekby is a group that has been active for a number of years, targeting various industries such as healthcare, telecommunications, aerospace, defense, and high tech. The group is known to leverage recently released exploits very shortly after those exploits are available, such as in the case of HackingTeams Flash zero - day exploit.'
2020 ⋅ Secureworks ⋅ BRONZE UNION 9002 RAT CHINACHOPPER Enfal Ghost RAT HttpBrowser HyperBro owaauth PlugX Poison Ivy ZXShell EMISSARY PANDA |
2019 ⋅ Council on Foreign Relations ⋅ APT 18 Wekby |
2018-05-18 ⋅ NCC Group ⋅ Emissary Panda – A potential new malicious tool HttpBrowser |
2017-05-31 ⋅ MITRE ⋅ APT18 Ghost RAT HttpBrowser Wekby |
2016-10-17 ⋅ ThreatConnect ⋅ A Tale of Two Targets HttpBrowser EMISSARY PANDA |
2016-05-24 ⋅ Palo Alto Networks Unit 42 ⋅ New Wekby Attacks Use DNS Requests As Command and Control Mechanism Roseam |
2015-02-27 ⋅ ThreatConnect ⋅ The Anthem Hack: All Roads Lead to China HttpBrowser |
2015-02-06 ⋅ CrowdStrike ⋅ CrowdStrike Global Threat Intel Report 2014 BlackPOS CryptoLocker Derusbi Elise Enfal EvilGrab Gameover P2P HttpBrowser Medusa Mirage Naikon NetTraveler pirpi PlugX Poison Ivy Sakula RAT Sinowal sykipot taidoor |
2014-08-19 ⋅ APT Gang Branches Out to Medical Espionage in Community Health Breach Wekby |