APT17 is a China-based threat group that has conducted network intrusions against U.S. government entities, the defense industry, law firms, information technology companies, mining companies, and non-government organizations. 
Security researchers found code similarities between the backdoor implanted in CCleaner and earlier APT17 samples, therefore implying that APT17 is behind the CCBkdr backdoor part of CCleaner Supply Chain Compromise.
Associated Group Descriptions
|Enterprise||VT0004||.002||Supply Chain Compromise: Compromise Software Supply Chain||
APT17 is suspected to be the APT group behind the supply chain compromise of CCleaner and the distribution of the backdoored version to over 2 million CCleaner users.
|VS0007||CCBkdr||APT17 is suspected to be the APT group inserted the CCBkdr backdoor to CCleaner and distributed it to over 2 million CCleaner users.||Supply Chain Compromise: Compromise Software Supply Chain|
Created: 05 May 2021
Last Modified: 05 May 2021