Group: Suckfly

ID: G0039
Aliases: Suckfly

Suckfly is a China-based threat group that has been active since at least 2014.[1]

Alias Descriptions

  • Suckfly [1][2]

Techniques Used

  • Code Signing - Suckfly has used stolen certificates to sign its malware.[1]
  • Credential Dumping - Suckfly used a signed credential-dumping tool to obtain victim account credentials.[2]
  • Valid Accounts - Suckfly used legitimate account credentials that they dumped to navigate the internal victim network as though they were the legitimate account owner.[2]