GROUPS

Overview admin@338 APT1 APT12 APT16 APT17 APT18 APT19 APT28 APT29 APT3 APT30 APT32 APT33 APT37 APT38 APT39 Axiom BlackOasis BRONZE BUTLER Carbanak Charming Kitten Cleaver Cobalt Group CopyKittens Dark Caracal Darkhotel DarkHydrus Deep Panda Dragonfly Dragonfly 2.0 DragonOK Dust Storm Elderwood Equation FIN10 FIN4 FIN5 FIN6 FIN7 FIN8 Gallmaker Gamaredon Group GCMAN Gorgon Group Group5 Honeybee Ke3chang Lazarus Group Leafminer Leviathan Lotus Blossom Magic Hound menuPass Moafee Molerats MuddyWater Naikon NEODYMIUM Night Dragon OilRig Orangeworm Patchwork PittyTiger PLATINUM Poseidon Group PROMETHIUM Putter Panda Rancor RTM Sandworm Team Scarlet Mimic Silence SilverTerrier Soft Cell Sowbug Stealth Falcon Stolen Pencil Strider Suckfly TA459 TA505 Taidoor TEMP.Veles The White Company Threat Group-1314 Threat Group-3390 Thrip Tropic Trooper Turla Winnti Group WIRTE

Overview A-B

admin@338 APT1 APT12 APT16 APT17 APT18 APT19 APT28 APT29 APT3 APT30 APT32 APT33 APT37 APT38 APT39 Axiom BlackOasis BRONZE BUTLER

C-D

Carbanak Charming Kitten Cleaver Cobalt Group CopyKittens Dark Caracal Darkhotel DarkHydrus Deep Panda Dragonfly Dragonfly 2.0 DragonOK Dust Storm

E-F

Elderwood Equation FIN10 FIN4 FIN5 FIN6 FIN7 FIN8

G-H

Gallmaker Gamaredon Group GCMAN Gorgon Group Group5 Honeybee

I-J

No groups

K-L

Ke3chang Lazarus Group Leafminer Leviathan Lotus Blossom

M-N

Magic Hound menuPass Moafee Molerats MuddyWater Naikon NEODYMIUM Night Dragon

O-P

OilRig Orangeworm Patchwork PittyTiger PLATINUM Poseidon Group PROMETHIUM Putter Panda

Q-R

Rancor RTM

S-T

Sandworm Team Scarlet Mimic Silence SilverTerrier Soft Cell Sowbug Stealth Falcon Stolen Pencil Strider Suckfly TA459 TA505 Taidoor TEMP.Veles The White Company Threat Group-1314 Threat Group-3390 Thrip Tropic Trooper Turla

U-V

No groups

W-X

Winnti Group WIRTE

Y-Z

No groups

Taidoor

Taidoor is a threat group that has operated since at least 2009 and has primarily targeted the Taiwanese government. ^[1]

ID: G0015

Version: 1.0

Techniques Used

Domain	ID	Name	Use
Enterprise	T1032	Standard Cryptographic Protocol	Taidoor uses RC4 to encrypt the message body of HTTP content.^[1]

References

Trend Micro. (2012). The Taidoor Campaign. Retrieved November 12, 2014.