APT18

G0026 · China · Espionage · MITRE ATT&CK

Also known as: TG-0416 · Dynamite Panda · Threat Group-0416

Overview

APT18 is a threat group that has operated since at least 2009 and has targeted a range of industries, including technology, manufacturing, human rights groups, government, and medical.

Targets

Aerospace · Civil society · Defense · Government · Healthcare · High-Tech · Private sector · Telecommunications

Regions

United States

Capabilities

  • Custom malware/implant development — ATT&CK: 4 attributed custom malware families

TTPs — 12 techniques across 5 tactics

Execution

Stealth

Command and Control

Tools & malware (5)

hcdLoader · gh0st RAT · cmd · Pisloader · HTTPBrowser

Reporting (3)