NEW: Group Profiler — instant APT intel lookup. Try it →

← threatfilter.dev / all groups / Velvet Ant

Velvet Ant

Overview

Velvet Ant is a threat actor operating since at least 2021. Velvet Ant is associated with complex persistence mechanisms, the targeting of network devices and appliances during operations, and the use of zero day exploits.

Capabilities

  • Exploitation of public-facing / client applications — ATT&CK T1211

TTPs — 22 techniques across 8 tactics

Tools & malware (2)

PlugX · Impacket

Reporting (2)