Threats Tagged 'chinese'
Chinese APT Campaign Targets Entities with Updated FDMTP Backdoor
Beginning in late September 2025, multiple affected hosts were observed making requests to domains impersonating content delivery networks (CDNs), including infrastructure masquerading as Yahoo- and Apple-affiliated services. Across these cases, Darktrace identified a consistent behavioral execution pattern: the retrieval of legitimate binaries alongside malicious Dynamic Link Libraries (DLLs), enabling sideloading and execution of a modular .NET-based Remote Access Trojan (RAT) framework.
AlienVault OTX General | 05/18/2026, 19:29:26 UTC | Added: 05/18/2026, 19:36:38 UTC
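The pattern in the entry above (a legitimate signed executable dropped next to a malicious DLL so the loader picks the attacker's copy) is something a hunter can look for in image-load telemetry. The script below is an added example, not code from the original page or from Darktrace. Its event fields, the small list of commonly planted system DLL names, the vendor name "Example Corp" and the sample records are all constructed for illustration.

```python
"""DLL sideloading hunt over image-load telemetry.

Added example; not code from the original page or from Darktrace. It looks
for the execution pattern summarised above: a legitimate, signed executable
is dropped next to a malicious DLL whose file name matches a Windows system
DLL the executable imports, so the loader resolves the attacker's copy from
the application directory instead of System32. Event fields and the sample
records are constructed (roughly the shape of a Sysmon image-load event).
"""
import ntpath
from dataclasses import dataclass

# Windows directories from which a system DLL is expected to load.
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")

# Seed list of system DLL names frequently planted next to a signed host
# binary. Assumption for the example: a real deployment would derive this
# from the host executable's import table or a fuller list.
HIJACKABLE_SYSTEM_DLLS = {
    "version.dll", "dbghelp.dll", "wininet.dll", "cryptbase.dll",
    "userenv.dll", "winhttp.dll", "profapi.dll", "msimg32.dll",
}


@dataclass(frozen=True)
class ImageLoad:
    process: str          # full path of the executable doing the load
    process_signer: str   # Authenticode signer of that executable
    image: str            # full path of the DLL that was loaded
    image_signer: str     # signer of the DLL, "" if unsigned / invalid


def is_suspect_sideload(ev: ImageLoad) -> bool:
    """True when a system-named DLL is resolved from the host EXE's own
    directory and was not signed by the same vendor as the EXE."""
    proc_dir = ntpath.dirname(ev.process).casefold() + "\\"
    img_dir = ntpath.dirname(ev.image).casefold() + "\\"
    name = ntpath.basename(ev.image).casefold()

    if img_dir.startswith(SYSTEM_DIRS):
        return False                    # loaded from where it should live
    if img_dir != proc_dir:
        return False                    # search-order hijack needs the app dir
    if name not in HIJACKABLE_SYSTEM_DLLS:
        return False                    # vendor plugin DLLs are out of scope
    # A system DLL name shipped in the app folder is only plausible if the
    # same vendor signed both files. Unsigned or another signer is the lead.
    return ev.image_signer.casefold() != ev.process_signer.casefold()


def hunt(events) -> list[str]:
    """Return the paths of loaded DLLs that match the sideloading heuristic."""
    return [ev.image for ev in events if is_suspect_sideload(ev)]


# Constructed sample telemetry (hypothetical vendor "Example Corp").
SAMPLE_EVENTS = [
    # Normal: app loads version.dll from System32.
    ImageLoad(r"C:\Program Files\ExampleApp\app.exe", "Example Corp",
              r"C:\Windows\System32\version.dll", "Microsoft Windows"),
    # Normal: app loads its own signed plugin from its install directory.
    ImageLoad(r"C:\Program Files\ExampleApp\app.exe", "Example Corp",
              r"C:\Program Files\ExampleApp\plugin.dll", "Example Corp"),
    # Suspect: signed EXE staged in Temp loads an unsigned version.dll beside it.
    ImageLoad(r"C:\Users\alice\AppData\Local\Temp\cdn\app.exe", "Example Corp",
              r"C:\Users\alice\AppData\Local\Temp\cdn\version.dll", ""),
    # Suspect: system DLL name in the app dir, signed by a different party.
    ImageLoad(r"C:\ProgramData\svc\tool.exe", "Example Corp",
              r"C:\ProgramData\svc\dbghelp.dll", "Other Signer Ltd"),
]

if __name__ == "__main__":
    for path in hunt(SAMPLE_EVENTS):
        print("possible DLL sideload:", path)
```

The heuristic deliberately requires all three conditions (application directory, system DLL name, signer mismatch) so that ordinary vendor plugins and legitimately redistributed runtime DLLs do not flood the queue; pair it with the network side of the entry above by joining the host executable's download event against CDN-lookalike domains.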
Silver Dragon Targets Organizations in Southeast Asia and Europe
Check Point Research has identified a Chinese-nexus advanced persistent threat group named Silver Dragon, targeting organizations in Southeast Asia and Europe since mid-2024. The group, likely operating under APT41, exploits public-facing servers and uses phishing emails for initial access. They deploy custom tools including GearDoor, a backdoor using Google Drive for command and control, SSHcmd for remote access, and SilverScreen for covert screen monitoring. Silver Dragon primarily focuses on government entities, utilizing Cobalt Strike beacons and DNS tunneling for communication. The group's sophisticated tactics and evolving toolkit demonstrate a well-resourced and adaptable threat actor.
AlienVault OTX General | 03/03/2026, 20:03:17 UTC | Added: 03/04/2026, 11:17:24 UTC
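The DNS tunneling mentioned in the entry above leaves a statistical footprint in resolver logs: one registrable domain receives many queries whose leftmost labels are long, high-entropy and almost never repeat. The script below is an added example, not code from the original page or from Check Point Research; the log shape, the thresholds, the registrable-domain shortcut and the sample queries (a synthetic tunnel to a hypothetical domain under the reserved .example TLD) are constructed.

```python
"""Per-domain DNS tunneling heuristic over query logs.

Added example; not code from the original page or from Check Point Research.
A tunnel encodes data in subdomain labels, so one registrable domain receives
many queries whose leftmost labels are long, high-entropy and almost never
repeat. Log format, thresholds and the sample queries are constructed.
"""
import hashlib
import math
from collections import defaultdict


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character of s (0.0 for an empty string)."""
    if not s:
        return 0.0
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def registrable_domain(qname: str) -> str:
    """Naive registrable domain: the last two labels. Assumption for the
    example; production code needs the Public Suffix List (co.uk, com.au)."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def domain_stats(qnames):
    """Aggregate, per registrable domain, the features a tunnel distorts."""
    per_domain = defaultdict(list)
    for q in qnames:
        q = q.rstrip(".").lower()
        dom = registrable_domain(q)
        sub = q[: -len(dom)].rstrip(".") if q != dom else ""
        per_domain[dom].append(sub)
    stats = {}
    for dom, subs in per_domain.items():
        n = len(subs)
        stats[dom] = {
            "queries": n,
            "unique_ratio": len(set(subs)) / n,
            "mean_sub_len": sum(len(s) for s in subs) / n,
            "mean_entropy": sum(shannon_entropy(s.replace(".", ""))
                                for s in subs) / n,
        }
    return stats


def detect_tunnels(qnames, min_queries=20, min_unique_ratio=0.8,
                   min_sub_len=20, min_entropy=3.0):
    """Return registrable domains whose query pattern looks like a tunnel.
    All four conditions must hold so that busy CDNs serving a handful of
    repeated hostnames are not flagged."""
    flagged = []
    for dom, s in domain_stats(qnames).items():
        if (s["queries"] >= min_queries
                and s["unique_ratio"] >= min_unique_ratio
                and s["mean_sub_len"] >= min_sub_len
                and s["mean_entropy"] >= min_entropy):
            flagged.append(dom)
    return sorted(flagged)


def sample_queries():
    """Constructed log: ordinary lookups plus a synthetic tunnel to a
    hypothetical CDN-lookalike domain under the reserved .example TLD."""
    normal = ["www.example.com", "mail.example.com"] * 10
    tunnel = [
        # 32 hex characters per query stand in for an encoded data chunk.
        hashlib.sha256(str(i).encode()).hexdigest()[:32] + ".cdn-update.example"
        for i in range(30)
    ]
    return normal + tunnel


if __name__ == "__main__":
    print("tunnel candidates:", detect_tunnels(sample_queries()))
```

Tune the thresholds against your own baseline before alerting: content-hashed hostnames used by some legitimate CDNs and anti-virus cloud lookups also produce unique, high-entropy labels, which is why the example requires volume, uniqueness, length and entropy together rather than any one of them.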
Striking Panda Attacks: APT31 Today
APT31, a Chinese cyber espionage group, is actively targeting the Russian IT sector, especially government contractors, using advanced malware and stealthy tactics. They leverage cloud services for command and control, deploy new malware families like AufTime, COFFProxy, VtChatter, YaLeak, CloudyLoader, and OneDriveDoor, and use prepared scripts for lateral movement. Their operations are timed to exploit organizational workflows, such as holidays, enabling prolonged undetected presence. The group employs multiple persistence, credential access, and data exfiltration techniques, evolving their toolkit while retaining older tools to maintain stealth. Although primarily focused on Russia, the sophistication and targeting of government contractors pose risks to European organizations with similar profiles. Mitigation requires tailored detection of cloud-based C2, monitoring of lateral movement scripts, and enhanced credential security. Countries with significant IT sectors supporting government contracts and a geopolitical interest in Russia-China dynamics are most at risk. The threat is assessed as high severity due to its espionage nature, stealth, and potential for long-term data compromise without requiring user interaction or known exploits in the wild.
AlienVault OTX General | 11/27/2025, 18:37:48 UTC | Added: 11/27/2025, 19:03:18 UTC