Aoqin Dragon

Overview

Aoqin Dragon is a suspected Chinese cyber espionage threat group that has been active since at least 2013. Aoqin Dragon has primarily targeted government, education, and telecommunication organizations in Australia, Cambodia, Hong Kong, Singapore, and Vietnam. Security researchers noted a potential association between Aoqin Dragon and UNC94, based on malware, infrastructure, and targets.

Targets

Education · Government · Telecommunications

Regions

Australia · Cambodia · Hong Kong · Singapore · Vietnam

Capabilities

• Exploitation of public-facing / client applications — ATT&CK T1203

TTPs — 9 techniques across 5 tactics

Tools & malware (2)

Mongall · Heyoka Backdoor

Reporting (1)

• Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years — Chen, Joey