⚖️

APT31

Aliases

APT31 (Mandiant), Violet Typhoon (MS), Zirconium, Judgment Panda, Mustang Panda, Twill Typhoon

Tags

State-Sponsored

Attribution

🇨🇳

Incidents

APT31 Rekoobe campaign Cyberoam breach (2018)

References

https://attack.mitre.org/groups/G0128/

Last edited

Jan 27, 2025 12:57 PM

Status

Stub

Cloud-fluent

Unique Tools

PlugX

Targeted industries

Federal agenciesMilitary

APT31, also known as Zirconium or Judgment Panda, is an Advanced Persistent Threat group that likely operates to collect intelligence for the Chinese government. Like other nation-state actors, this group focuses on gathering data that aligns with the strategic and geopolitical interests of the People’s Republic of China (PRC). APT31 is known for conducting cyber espionage and carrying out targeted attacks against a diverse set of organizations, including government agencies, military entities, and private companies.

The group, operated through a front company, Wuhan Xiaoruizhi Science and Technology Company (Wuhan XRZ), from at least 2010 until January 2024.