GROUPS

Ajax Security Team

Blue Mockingbird

Gamaredon Group

GOLD SOUTHFIELD

Operation Wocao

Silent Librarian

The White Company

Threat Group-1314

Threat Group-3390

GROUPS

A-B

Ajax Security Team

Blue Mockingbird

C-D

E-F

G-H

Gamaredon Group

GOLD SOUTHFIELD

I-J

K-L

M-N

O-P

Operation Wocao

Q-R

S-T

Silent Librarian

The White Company

Threat Group-1314

Threat Group-3390

U-V

W-X

Y-Z

APT16

APT16 is a China-based threat group that has launched spearphishing campaigns targeting Japanese and Taiwanese organizations. ^[1]

ID: G0023

Version: 1.1

Created: 31 May 2017

Last Modified: 12 October 2020

Version Permalink

Live Version

Techniques Used

Domain	ID		Name	Use
Enterprise	T1584	.004	Compromise Infrastructure: Server	APT16 has compromised otherwise legitimate sites as staging servers for second-stage payloads.^[1]

Software

ID	Name	References	Techniques
S0064	ELMER	^[1]	Application Layer Protocol: Web Protocols, Commonly Used Port, File and Directory Discovery, Process Discovery

References

Winters, R.. (2015, December 20). The EPS Awakens - Part 2. Retrieved January 22, 2016.