HC3: APT41 and Recent Activity

The Office of Information Security and the Health Sector Cybersecurity Coordination Center (HC3) have published a new threat brief on APT41. The brief is TLP:WHITE.

Overview

  • Chinese State-Sponsored Threat Actor
  • Members of APT41 have been actively tracked since 2012
  • Also Known As: Double Dragon, Barium, Winnti, Wicked Panda, Wicked Spider, TG-2633, Bronze Atlas, Red Kelpie
  • Has been tracked as two separate groups; dependent on operation
  • History of targeting healthcare, high-tech, telecommunications, higher education, video games, travel, and news organizations
  • Frequently likes to use the following:
    • Spear phishing
    • Water holes
    • Supply chain attacks
    • Backdoors

Download the full paper (36 pp, pdf) at HHS.gov

About the author: Dissent

Leave a Reply

Your email address will not be published.Email address is required.

This site uses Akismet to reduce spam. Learn how your comment data is processed.