Home » APT31

APT31

APT31 (also know as Zirconium or Judgment Panda) is an Advanced Persistent Threat group whose mission is likely to gather intelligence on behalf of the Chinese government.  Similar to other nation-state actors, the group is focusing on data of interest to the PRC (People’s Republic of China) and its strategic and geopolitical ambitions.

The power of CTI during malware incident analysis replay with Glimps

They are known for conducting cyber espionage and launching targeted attacks against a wide range of organizations, including government agencies, military organizations, and private companies.

APT31 is known for its advanced tactics and techniques, which allow it to conduct sophisticated cyber attacks that are difficult to detect and defend against. The group is known for using a variety of tools and tactics to compromise target systems, including :

  • Malware such as remote access trojans (RATs), keyloggers, and rootkits.
  • Spearphishing campaigns to trick victims into giving away sensitive information or downloading malware. Phishing campaigns often involve sending fraudulent emails or creating fake websites that look legitimate, in order to trick victims into disclosing sensitive information or downloading malware.
  • And zero-day vulnerabilities which are not yet known to cybersecurity professionals.

To learn more, you can check out this article : Walking on APT31 infrastructure footprints.

Our Cyber Threat Intelligence team took an in-depth look at one of their campaigns that took place in 2021.

Other glossary content is also available on our site: CERT, Turla, SaaS SIEM, LuckyMouse, Roaming Mantis, Vice Society, Cyber Threat Intelligence, XDR, SOAR, SIEM, SOC, EDR, CERT, STIX, IoC, Data Loss Prevention.

We are a cybersecurity software publisher. We provide SOC and MSSP teams with a turnkey operational security platform (SOC platform). Through our XDR platformCTI tool and threat intelligence platform, we enable our users to neutralize cyber threats, regardless of the attack surface.

Others Terms

APT27 (LuckyMouse, EmissaryPanda)(Advanced Persistent Threat 27)

APT 27 aka LuckyMouse or EmissaryPanda is a cyber threat actor, reputed to be close to the People's Republic of China (PRC).

APT29 aka Nobelium, Cozy Bear( Advanced Persistent Threat 29)

Nobelium, also known as APT29, is a cyber espionage group that is believed to be operated by the Russian government.

Échangez avec l’équipe

Vous souhaitez en savoir plus sur nos solutions de protection ?
Vous voulez découvrir nos produits de XDR et de CTI ?
Vous avez un projet de cybersécurité dans votre organisation ?
Prenez rendez-vous et rencontrons-nous !