Operate since at least 2011, from several locations in China, with members in Korea and Japan as well. Possibly linked to Onion Dog. This threat actor targets government institutions, military contractors, maritime and shipbuilding groups, telecommunications operators, and others, primarily in Japan and South Korea.
Also known as
IceFog, Trident, RedFoxtrot, Red Wendigo, PLA Unit 69010, UAT-7290, Red Foxtrot.
References
- securelist.com
- securelist.com
- cfr.org
- d2538mqrb7brka.cloudfront.net
- pwc.com
- go.recordedfuture.com
- blog.talosintelligence.com
Actor metadata imported from Malpedia (Fraunhofer FKIE).