China-based cyber threat group. It has previously used newsworthy events as lures to deliver malware and has primarily targeted organizations involved in financial, economic, and trade policy, typically using publicly available RATs such as PoisonIvy, as well as some non-public backdoors. This threat actor targets prodemocratic activists and organizations in Hong Kong, European and international financial institutions, and a U.S.-based think tank.
Also known as
Admin338, Team338, MAGNESIUM, admin@338, G0018.
References
Actor metadata imported from Malpedia (Fraunhofer FKIE).