ATT&CK v12 is now live! Check out the updates here

GROUPS

Ajax Security Team

BackdoorDiplomacy

Blue Mockingbird

Ferocious Kitten

Gamaredon Group

GOLD SOUTHFIELD

Nomadic Octopus

Silent Librarian

The White Company

Threat Group-1314

Threat Group-3390

Transparent Tribe

GROUPS

A-B

Ajax Security Team

BackdoorDiplomacy

Blue Mockingbird

C-D

E-F

Ferocious Kitten

G-H

Gamaredon Group

GOLD SOUTHFIELD

I-J

K-L

M-N

Nomadic Octopus

O-P

Q-R

S-T

Silent Librarian

The White Company

Threat Group-1314

Threat Group-3390

Transparent Tribe

U-V

W-X

Y-Z

APT16

APT16 is a China-based threat group that has launched spearphishing campaigns targeting Japanese and Taiwanese organizations. ^[1]

ID: G0023

Version: 1.1

Created: 31 May 2017

Last Modified: 26 July 2022

Version Permalink

Live Version

Techniques Used

Domain	ID		Name	Use
Enterprise	T1584	.004	Compromise Infrastructure: Server	APT16 has compromised otherwise legitimate sites as staging servers for second-stage payloads.^[1]

Software

ID	Name	References	Techniques
S0064	ELMER	^[1]	Application Layer Protocol: Web Protocols, File and Directory Discovery, Process Discovery

References

Winters, R. (2015, December 20). The EPS Awakens - Part 2. Retrieved January 22, 2016.