RedEcho
Overview
RedEcho is a People’s Republic of China-related threat actor associated with long-running intrusions in Indian critical infrastructure entities. RedEcho overlaps with various other PRC-linked threat groups, such as APT41, and is linked to ShadowPad malware use through shared infrastructure.
TTPs — 5 techniques across 2 tactics
Resource Development
- T1583.001 Domains
Command and Control
- T1071.001 Web Protocols
- T1568 Dynamic Resolution
- T1571 Non-Standard Port
- T1573.002 Asymmetric Cryptography
Tools & malware (1)
ShadowPad
Reporting (2)
- Continued Targeting of Indian Power Grid Assets by Chinese State-Sponsored Activity Group — Recorded Future Insikt Group
- China-Linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions — Recorded Future Insikt Group