Tags: State-Sponsored
Attribution: 🇨🇳
References
Last edited: Nov 24, 2024 3:22 PM
Status: Finalized
Cloud-fluent
Unique Tools
The Gelsemium group has been active since at least 2014 and has been previously analyzed by several security companies. The group's name originates from a translation ESET identified in a VenusTech report, which first referred to the group as 狼毒草. This term corresponds to Gelsemium, a genus of flowering plants in the family Gelsemiaceae. One species, Gelsemium elegans, is known for its toxic compounds, including Gelsemine, Gelsenicine, and Gelsevirine. ESET adopted these names for the three components of the malware family associated with Gelsemium.