HC3: APT41 and Recent Activity
The Office of Information Security and the Health Sector Cybersecurity Coordination Center (HC3) have published a new threat brief on APT41. The brief is TLP:WHITE.
Overview
- Chinese State-Sponsored Threat Actor
- Members of APT41 have been actively tracked since 2012
- Also Known As: Double Dragon, Barium, Winnti, Wicked Panda, Wicked Spider, TG-2633, Bronze Atlas, Red Kelpie
- Has been tracked as two separate groups; dependent on operation
- History of targeting healthcare, high-tech, telecommunications, higher education, video games, travel, and news organizations
- Frequently likes to use the following:
-
- Spear phishing
- Water holes
- Supply chain attacks
- Backdoors
Download the full paper (36 pp, pdf) at HHS.gov
