Threat Group Cards: A Threat Actor Encyclopedia Compiled by ThaiCERT, a member of the Electronic Transactions Development Agency TLP:WHITE Version 1.0 (12 June 2019) Threat Group Cards: A Threat Actor Encyclopedia Contents Introduction .................................................................................................................................................. 8 Approach ................................................................................................................................................. 8 Legal Notice ............................................................................................................................................ 9 Acknowledgements ................................................................................................................................ 9 Advanced Persistent Threat (APT) Groups .......................................................................................... 10 Anchor Panda, APT 14 ........................................................................................................................ 11 Allanite ................................................................................................................................................... 12 APT 3, Gothic Panda, Buckeye.......................................................................................................... 13 APT 5 ..................................................................................................................................................... 15 APT 6 ..................................................................................................................................................... 16 APT 12, Numbered Panda .................................................................................................................. 17 APT 16, SVCMONDR .......................................................................................................................... 19 APT 17, Deputy Dog ............................................................................................................................ 20 APT 18, Dynamite Panda, Wekby ..................................................................................................... 21 APT 19, C0d0so ................................................................................................................................... 22 APT 20, Violin Panda ........................................................................................................................... 23 APT 29, Cozy Bear, The Dukes ......................................................................................................... 24 APT 30, Override Panda ..................................................................................................................... 27 APT 32, OceanLotus, SeaLotus ........................................................................................................ 29 APT 33, Elfin ......................................................................................................................................... 33 Axiom, Group 72................................................................................................................................... 34 Bahamut ................................................................................................................................................ 35 Barium .................................................................................................................................................... 37 Berserk Bear, Dragonfly 2.0 ............................................................................................................... 39 Blackgear ............................................................................................................................................... 40 BlackOasis ............................................................................................................................................ 41 BlackTech .............................................................................................................................................. 42 Blind Eagle ............................................................................................................................................ 44 Blue Termite, Cloudy Omega ............................................................................................................. 45 Bookworm .............................................................................................................................................. 46 Bronze Butler, Tick ............................................................................................................................... 47 Buhtrap .................................................................................................................................................. 48 2 Threat Group Cards: A Threat Actor Encyclopedia Cadelle ................................................................................................................................................... 50 Callisto Group ....................................................................................................................................... 51 Carbanak, Anunak ............................................................................................................................... 52 Careto, The Mask ................................................................................................................................. 53 Chafer, APT 39 ..................................................................................................................................... 54 Charming Kitten, Newscaster, NewsBeef ........................................................................................ 56 Clever Kitten .......................................................................................................................................... 58 Cobalt Group ......................................................................................................................................... 59 Cold River .............................................................................................................................................. 62 Comment Crew, APT 1 ....................................................................................................................... 63 Confucius ............................................................................................................................................... 65 CopyKittens, Slayer Kitten .................................................................................................................. 66 Corkow, Metel ....................................................................................................................................... 67 Covellite ................................................................................................................................................. 68 Cutting Kitten, TG-2889 ....................................................................................................................... 69 Dark Caracal ......................................................................................................................................... 71 DarkHotel ............................................................................................................................................... 72 DarkHydrus, LazyMeerkat .................................................................................................................. 74 Deep Panda, APT 26, Shell Crew, WebMasters, KungFu Kittens ............................................... 75 Desert Falcons ...................................................................................................................................... 78 DNSpionage .......................................................................................................................................... 80 Domestic Kitten..................................................................................................................................... 81 Donot Team........................................................................................................................................... 82 DragonOK .............................................................................................................................................. 83 DustSquad ............................................................................................................................................. 84 Dust Storm............................................................................................................................................. 85 Elderwood, Sneaky Panda ................................................................................................................. 86 El Machete ............................................................................................................................................ 88 Energetic Bear, Dragonfly ................................................................................................................... 89 Equation Group..................................................................................................................................... 92 Emissary Panda, APT 27, LuckyMouse, Bronze