Naikon apt mitre. (2017, December). Sep 25, 2025 · Naikon was observed compromisin...

Naikon apt mitre. (2017, December). Sep 25, 2025 · Naikon was observed compromising a Southeast Asian government ministry by using spear-phishing to gain credentials. APT30 AND THE MECHANICS OF A LONG-RUNNING CYBER ESPIONAGE OPERATION. Operation CuckooBees: Deep-Dive into Stealthy Winnti Techniques. Kaspersky described Naikon in a 2015 report as: 'The Naikon group is mostly active in countries such as the Philippines, Malaysia, Cambodia, Indonesia, Vietnam, Myanmar, Singapore, and Nepal, hitting a variety of targets in a very opportunistic way. As the Nebulae backdoor is one of the second stage payloads deployed by the threat actors, compromise should be assumed upon detection. org/groups/G0019) is assessed to be a state-sponsored cyber espionage group attributed to the Chinese People’s Liberation Army’s (PLA) Chengdu Military Region Second Technical Reconnaissance Bureau (Military Unit Cover Designator 78020). (2021, February 3). This user action will typically be observed as follow-on behavior from Spearphishing Attachment. , et al. (2022, May 4). Oct 26, 2022 · Chinese-sponsored Naikon APT resurfaces after years of inactivity. Retrieved November 17, 2024. et al. Retrieved May 26, 2020. xls 当人工智能遇上安全系列博客及开源代码分享，希望您喜欢~. Apr 29, 2021 · Naikon’s success must be worth the investment that the Chinese government has designated for the hacker group. (2022, September 8). Microsoft investigates Iranian attacks against the Albanian government. Naikon is a threat group that has focused on targets around the South China Sea. May 13, 2021 · Bitdefender enables organizations to contend with APT-style attacks with GravityZone Endpoint Detection and Response (EDR) and Managed Detection and Response (MDR) services that apply the MITRE ATT&CK framework to identifying and remediating security incidents throughout the entire attack kill chain. doc, . The activity around this cluster was first observed in Q4 2020 and continued through Q1 2021. Retrieved June 17, 2020. Retrieved September 22, 2022. mitre. Chen, J. An advanced persistent threat (APT) is a stealthy threat, typically manipulated by a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. ' Jan 19, 2026 · [Naikon] (https://attack. Hildegard: New TeamTNT Cryptojacking Malware Targeting Kubernetes. Vrabie, V. NAIKON – Traces from a Military Cyber-Espionage Operation. Retrieved June 29, 2021. (2015, April). Active since at least 2010, Naikon has primarily conducted operations against government, military, and civil organizations in Southeast Asia, as well as against international bodies such as the United Nations Development Programme (UNDP) and the Association of Southeast Asian Nations (ASEAN). The group has been attributed to the Chinese People’s Liberation Army’s (PLA) Chengdu Military Region Second Technical Reconnaissance Bureau (Military Unit Cover Designator 78020). The Naikon APT group was previously attributed to the Chinese People’s Liberation Army’s (PLA) Chengdu Military Region Second Technical Reconnaissance Bureau (Military Unit Cover Designator 78020). Adversaries may use several types of files that require a user to execute them, including . Updated BackConfig Malware Targeting Government and Military Organizations in South Asia. [3] Such threat actors' motivations . Therefore, it is safe to assume that beyond emails, contacts, and other such data, they have been able to exfiltrate significant amounts of highly valuable information. Mitre Framework Mapping Execution: Command and Scripting Interpreter (T1059) Defense Evasion: THE MsnMM CAMPAIGNS: The Earliest Naikon APT Campaigns APT30 Naikon 2015-05-14 ⋅ Kaspersky Labs ⋅ Kurt Baumgartner, Maxim Golovkin The Naikon APT Naikon SslMM Sys10 WinMM xsPlus APT30 Naikon 2015-04-15 ⋅ FireEye ⋅ FireEye APT30 and the Mechanics of a Long-Running Cyber Espionage Campaign backspace FLASHFLOOD NETEAGLE SHIPSHAPE SPACESHIP Unknown Read more APT 30 and the Mechanics of a Long-Running Cyber Espioange Operation The Naikon APT: Tracking Down Geo-Political Intelligence Across APAC, One Nation at a Time An adversary may rely upon a user opening a malicious file in order to gain execution. [1][2] In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals. The Naikon APT group primarily target high profile organisations, government departments and military organisations. They then deployed in-memory loaders leveraging the Windows flaw. Retrieved August 6, 2024. Lunghi, D. Contribute to eastmountyxz/When-AI-meet-Security development by creating an account APT1 APT10 APT2 APT26 APT3 APT30 APT41 Naikon Tonto Team 2019-01-01 ⋅ MITRE ⋅ MITRE ATT&CK Group description: Naikon APT30 Naikon 2017-08-24 ⋅ Kaspersky Labs ⋅ Kaspersky Naikon Targeted Attacks APT30 Naikon 2015-05-29 ⋅ Kaspersky Labs ⋅ Kurt Baumgartner, Maxim Golovkin THE MsnMM CAMPAIGNS: The Earliest Naikon APT Campaigns APT30 Naikon Threat Group Cards: A Threat Actor Encyclopedia APT group: APT 30, Override Panda Last change to this card: 16 August 2025 Download this actor card in PDF or JSON format Previous: APT 29, Cozy Bear, The Dukes Next: APT 31, Judgment Panda, Zirconium ↑ Oct 24, 2018 · The MsnMM Campaigns: The Earliest Naikon APT Campaigns. Retrieved April 5, 2021. and Falcone, R. Cybereason Nocturnus. MSTIC. Users may be subjected to social engineering to get them to open a file that will lead to code execution. May 13, 2021 · Bitdefender is proud to publish the results of an investigation into the notorious APT group known as NAIKON, whose recent campaigns focused on stealing data from military organizations in South Asia. The group may be planning to compromise multiple HVTs. (2021, April 23). FireEye Labs. Naikon APT: Cyber Espionage Reloaded. Retrieved April 10, 2019. Hinchliffe, A. (2020, May 11). pdf, . rarmna uru tcup skghbugu vemq uzct rcws aijvzs gzkm qseg