Group: APT18, Threat Group-0416, ...

From enterprise
Jump to: navigation, search
APT18, Threat Group-0416, ...
ID G0026
Aliases APT18, Threat Group-0416, TG-0416, Dynamite Panda

APT18 is a threat group that has operated since at least 2009 and has targeted a range of industries, including technology, manufacturing, human rights groups, government, and medical.1

Alias Descriptions

  • APT18 - 2
  • Threat Group-0416 - 2
  • TG-0416 - 2
  • Dynamite Panda - 2

Techniques Used

  • Scheduled Task - APT18 actors used the native at Windows task scheduler tool to use scheduled tasks for execution on a victim network.1
  • Valid Accounts - APT18 actors leverage legitimate credentials to log into external remote services.3