Naikon apt mitre. Naikon is a threat group that has focused on targets around the South China Sea. Retrieved April 10, 2019. NAIKON – Traces from a Military Cyber-Espionage Operation. Retrieved April 5, 2021. et al. org/groups/G0019) is assessed to be a state-sponsored cyber espionage group attributed to the Chinese People’s Liberation Army’s (PLA) Chengdu Military Region Second Technical Reconnaissance Bureau (Military Unit Cover Designator 78020). FireEye Labs. Hinchliffe, A. ' Jan 19, 2026 · [Naikon] (https://attack. Retrieved June 17, 2020. Retrieved May 26, 2020. pdf, . May 13, 2021 · Bitdefender enables organizations to contend with APT-style attacks with GravityZone Endpoint Detection and Response (EDR) and Managed Detection and Response (MDR) services that apply the MITRE ATT&CK framework to identifying and remediating security incidents throughout the entire attack kill chain. Retrieved June 29, 2021. (2020, May 11). Mitre Framework Mapping Execution: Command and Scripting Interpreter (T1059) Defense Evasion: THE MsnMM CAMPAIGNS: The Earliest Naikon APT Campaigns APT30 Naikon 2015-05-14 ⋅ Kaspersky Labs ⋅ Kurt Baumgartner, Maxim Golovkin The Naikon APT Naikon SslMM Sys10 WinMM xsPlus APT30 Naikon 2015-04-15 ⋅ FireEye ⋅ FireEye APT30 and the Mechanics of a Long-Running Cyber Espionage Campaign backspace FLASHFLOOD NETEAGLE SHIPSHAPE SPACESHIP Unknown Read more APT 30 and the Mechanics of a Long-Running Cyber Espionage Operation The Naikon APT: Tracking Down Geo-Political Intelligence Across APAC, One Nation at a Time An adversary may rely upon a user opening a malicious file in order to gain execution. (2022, September 8). Retrieved September 22, 2022. [1][2] In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals. 
Contribute to eastmountyxz/When-AI-meet-Security development by creating an account APT1 APT10 APT2 APT26 APT3 APT30 APT41 Naikon Tonto Team 2019-01-01 ⋅ MITRE ⋅ MITRE ATT&CK Group description: Naikon APT30 Naikon 2017-08-24 ⋅ Kaspersky Labs ⋅ Kaspersky Naikon Targeted Attacks APT30 Naikon 2015-05-29 ⋅ Kaspersky Labs ⋅ Kurt Baumgartner, Maxim Golovkin THE MsnMM CAMPAIGNS: The Earliest Naikon APT Campaigns APT30 Naikon Threat Group Cards: A Threat Actor Encyclopedia APT group: APT 30, Override Panda Last change to this card: 16 August 2025 Download this actor card in PDF or JSON format Previous: APT 29, Cozy Bear, The Dukes Next: APT 31, Judgment Panda, Zirconium ↑ Oct 24, 2018 · The MsnMM Campaigns: The Earliest Naikon APT Campaigns. , et al. Chen, J. The Naikon APT group primarily target high profile organisations, government departments and military organisations. (2021, April 23). (2021, February 3). The activity around this cluster was first observed in Q4 2020 and continued through Q1 2021. Apr 29, 2021 · Naikon’s success must be worth the investment that the Chinese government has designated for the hacker group. Lunghi, D. Users may be subjected to social engineering to get them to open a file that will lead to code execution. Retrieved August 6, 2024. As the Nebulae backdoor is one of the second stage payloads deployed by the threat actors, compromise should be assumed upon detection. Sep 25, 2025 · Naikon was observed compromising a Southeast Asian government ministry by using spear-phishing to gain credentials. and Falcone, R. Vrabie, V. APT30 AND THE MECHANICS OF A LONG-RUNNING CYBER ESPIONAGE OPERATION. Therefore, it is safe to assume that beyond emails, contacts, and other such data, they have been able to exfiltrate significant amounts of highly valuable information. Microsoft investigates Iranian attacks against the Albanian government. The group may be planning to compromise multiple HVTs. 
The group has been attributed to the Chinese People’s Liberation Army’s (PLA) Chengdu Military Region Second Technical Reconnaissance Bureau (Military Unit Cover Designator 78020). Naikon APT: Cyber Espionage Reloaded. Retrieved November 17, 2024. Cybereason Nocturnus. mitre. Adversaries may use several types of files that require a user to execute them, including . This user action will typically be observed as follow-on behavior from Spearphishing Attachment. Hildegard: New TeamTNT Cryptojacking Malware Targeting Kubernetes. Kaspersky described Naikon in a 2015 report as: 'The Naikon group is mostly active in countries such as the Philippines, Malaysia, Cambodia, Indonesia, Vietnam, Myanmar, Singapore, and Nepal, hitting a variety of targets in a very opportunistic way. The Naikon APT group was previously attributed to the Chinese People’s Liberation Army’s (PLA) Chengdu Military Region Second Technical Reconnaissance Bureau (Military Unit Cover Designator 78020). (2017, December). Operation CuckooBees: Deep-Dive into Stealthy Winnti Techniques. xls Sharing the "When AI Meets Security" blog series and its open-source code; I hope you like it~. (2022, May 4). doc, . May 13, 2021 · Bitdefender is proud to publish the results of an investigation into the notorious APT group known as NAIKON, whose recent campaigns focused on stealing data from military organizations in South Asia. MSTIC. Active since at least 2010, Naikon has primarily conducted operations against government, military, and civil organizations in Southeast Asia, as well as against international bodies such as the United Nations Development Programme (UNDP) and the Association of Southeast Asian Nations (ASEAN). Oct 26, 2022 · Chinese-sponsored Naikon APT resurfaces after years of inactivity. Updated BackConfig Malware Targeting Government and Military Organizations in South Asia. 
An advanced persistent threat (APT) is a stealthy threat, typically manipulated by a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. [3] Such threat actors' motivations . They then deployed in-memory loaders leveraging the Windows flaw. (2015, April).