HC3: APT41 and Recent Activity

The Office of Information Security and the Health Sector Cybersecurity Coordination Center (HC3) have published a new threat brief on APT41. The brief is TLP:WHITE.


  • Chinese State-Sponsored Threat Actor
  • Members of APT41 have been actively tracked since 2012
  • Also Known As: Double Dragon, Barium, Winnti, Wicked Panda, Wicked Spider, TG-2633, Bronze Atlas, Red Kelpie
  • Has been tracked as two separate groups; dependent on operation
  • History of targeting healthcare, high-tech, telecommunications, higher education, video games, travel, and news organizations
  • Frequently likes to use the following:
    • Spear phishing
    • Water holes
    • Supply chain attacks
    • Backdoors

Download the full paper (36 pp, pdf) at HHS.gov

About the author: Dissent

Comments are closed.