NEW: Group Profiler — instant APT intel lookup. Try it →

← threatfilter.dev / all groups / IndigoZebra

IndigoZebra

G0136 China MITRE ATT&CK →

Overview

IndigoZebra is a suspected Chinese cyber espionage group that has been targeting Central Asian governments since at least 2014.

Capabilities

Custom malware/implant development — ATT&CK: 3 attributed custom malware families

TTPs — 7 techniques across 4 tactics

Resource Development

T1583.001 Domains
T1583.006 Web Services
T1586.002 Email Accounts
T1588.002 Tool

Initial Access

T1566.001 Spearphishing Attachment

Execution

T1204.002 Malicious File

Command and Control

T1105 Ingress Tool Transfer

Tools & malware (3)

xCaon · BoxCaon · PoisonIvy

Reporting (3)

IndigoZebra APT Hacking Campaign Targets the Afghan Government — Lakshmanan, R.
IndigoZebra APT continues to attack Central Asia with evolving tools — CheckPoint Research
APT Trends report Q2 2017 — Kaspersky Lab's Global Research & Analysis Team