APT31
Country: People's Republic of China (PRC)
Organization: Hubei State Security Department (HSSD), of the Ministry of State Security (MSS)
Objective: Espionage
(Page Last Updated: December 05, 2024)
Aliases:
- BRONZE VINEWOOD (Secureworks)
- Judgment Panda (CrowdStrike)
- Red Keres (PwC)
- TA412 (Proofpoint)
- Violet Typhoon (Microsoft)
- ZIRCONIUM (formerly used by Microsoft, MITRE)
- RedBravo (Recorded Future)
Front Company
- Wuhan Xiaoruizhi Science and Technology Company, Limited (Wuhan XRZ, 武汉晓睿智科技有限责任公司)
Identified Members
- Ni Gaobin (倪高彬)
- Weng Ming (翁明)
- Cheng Feng (程锋)
- Peng Yaowen (彭耀文)
- Sun Xiaohui (孙小辉)
- Xiong Wang (熊旺)
- Zhao Guangzong (赵光宗)
References
Disclaimer: Not an exhaustive list of resources. Most contain actionable intelligence, not just news reporting.
Links (Sorted in Chronological Order)
2024
- October 31, 2024 – Sophos: Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats
- March 25, 2024:
  - U.S. Department of Justice: Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Targeting Perceived Critics of China and U.S. Businesses and Politicians
  - U.S. State Department: U.S. Takes Action to Further Disrupt PRC Cyber Activities
  - Rewards for Justice: APT31/Wuhan Xiaoruizhi Science & Technology Company, Ltd.
  - U.S. Treasury: Treasury Sanctions China-Linked Hackers for Targeting U.S. Critical Infrastructure
  - United Kingdom: UK holds China state-affiliated organisations and individuals responsible for malicious cyber activity
  - NCSC-UK: UK calls out China state-affiliated actors for malicious cyber targeting of UK democratic institutions and parliamentarians
2021
- CERT-FR: (Update) APT31 modus operandi attack campaign targeting France (French language)
Feedback: Please direct message any comments, concerns, corrections or questions to https://infosec.exchange/@screaminggoat