Group: APT18, Threat Group-0416, ...
|APT18, Threat Group-0416, ...|
|Aliases||APT18, Threat Group-0416, TG-0416, Dynamite Panda|
APT18 is a threat group that has operated since at least 2009 and has targeted a range of industries, including technology, manufacturing, human rights groups, government, and medical.1
- Scheduled Task - APT18 actors used the native at Windows task scheduler tool to use scheduled tasks for execution on a victim network.1
- External Remote Services - APT18 actors leverage legitimate credentials to log into external remote services.3
- Valid Accounts - APT18 actors leverage legitimate credentials to log into external remote services.3