APT31 (also known as Zirconium or Judgment Panda) is an Advanced Persistent Threat group whose mission is likely to gather intelligence on behalf of the Chinese government. Similar to other nation-state actors, the group focuses on data of interest to the PRC (People’s Republic of China) and its strategic and geopolitical ambitions.

They are known for conducting cyber espionage and launching targeted attacks against a wide range of organizations, including government agencies, military organizations, and private companies.

APT31 is known for its advanced tactics and techniques, which allow it to conduct sophisticated cyber attacks that are difficult to detect and defend against. The group uses a variety of tools and tactics to compromise target systems, including:

  • Malware such as remote access trojans (RATs), keyloggers, and rootkits.
  • Spearphishing campaigns to trick victims into giving away sensitive information or downloading malware. Phishing campaigns often involve sending fraudulent emails or creating fake websites that look legitimate.
  • Zero-day vulnerabilities, which are not yet known to cybersecurity professionals.

To learn more, you can check out this article: Walking on APT31 infrastructure footprints.

Our Cyber Threat Intelligence team took an in-depth look at one of their campaigns that took place in 2021.
