APT18

APT18 is a threat group that has operated since at least 2009 and has targeted a range of industries, including technology, manufacturing, human rights groups, government, and medical. [1]

Associated Group Descriptions

Name Description
TG-0416

[2][3]

Dynamite Panda

[2][3]

Threat Group-0416

[2]

Techniques Used

Domain ID Name Use
Enterprise VT0005 Valid Accounts

APT18 actors leverage legitimate credentials to log into external remote services.[4]

References

Attachments

ID
VG0002
Associated Groups
TG-0416
Dynamite Panda
Threat Group-0416
Version
2.1

Created: 02 December 2020

Last Modified: 02 December 2020