Red Apollo

Formation: c. 2003–2005[1]
Type: Advanced persistent threat
Purpose: Cyberespionage, cyberwarfare
Region: China
Methods: Zero-days, phishing, backdoor, RAT, keylogging
Official language: Chinese
Parent organization: Tianjin State Security Bureau of the Ministry of State Security
Formerly called: APT10, Stone Panda, MenuPass, RedLeaves, CVNX, POTASSIUM

Red Apollo (also known as APT 10 (by Mandiant), MenuPass (by FireEye), Stone Panda (by CrowdStrike), and POTASSIUM (by Microsoft))[1][2] is a Chinese state-sponsored cyberespionage group which has operated since 2006. In a 2018 indictment, the United States Department of Justice attributed the group to the Tianjin State Security Bureau of the Ministry of State Security.[3]

The team was designated an advanced persistent threat by FireEye, which reported that the group targets aerospace, engineering, and telecom firms and any government that it believes is a rival of China.

FireEye stated that the group could be targeting intellectual property from educational institutions such as a Japanese university and is likely to expand operations into the education sector in the jurisdictions of nations that are allied with the United States.[4] FireEye claimed that the group had been tracked since 2009; however, because of the low threat it had posed, it was not a priority. FireEye now describes the group as "a threat to organizations worldwide."[4]

  1. ^ "APT10 (MenuPass Group): New Tools, Global Campaign Latest Manifestation of Longstanding Threat". FireEye. Archived from the original on 2021-04-28. Retrieved 2021-03-07.
  2. ^ Kozy, Adam (2018-08-30). "Two Birds, One STONE PANDA". Archived from the original on 2021-01-15. Retrieved 2021-03-07.
  3. ^ "Two Chinese Hackers Associated With the Ministry of State Security Charged with Global Computer Intrusion Campaigns Targeting Intellectual Property and Confidential Business Information". United States Department of Justice. 2018-12-20. Archived from the original on 2021-05-01. Retrieved 2021-03-07.
  4. ^ a b "APT10 (MenuPass Group): New Tools, Global Campaign Latest Manifestation of Longstanding Threat". FireEye. 2017-04-06. Archived from the original on 2021-04-28. Retrieved 2019-06-30.

From Wikipedia, the free encyclopedia