IndigoZebra | APT Profile

Description

[IndigoZebra](https://attack.mitre.org/groups/G0136) is a suspected Chinese cyber espionage group that has been targeting Central Asian governments since at least 2014.(Citation: HackerNews IndigoZebra July 2021)(Citation: Checkpoint IndigoZebra July 2021)(Citation: Securelist APT Trends Q2 2017)

Techniques Used (TTPs)

T1583.001 — Domains (resource-development)
T1588.002 — Tool (resource-development)
T1583.006 — Web Services (resource-development)
T1586.002 — Email Accounts (resource-development)
T1566.001 — Spearphishing Attachment (initial-access)
T1204.002 — Malicious File (execution)
T1105 — Ingress Tool Transfer (command-and-control)

Total TTPs: 7

Malware & Tools

Malware: BoxCaon, PoisonIvy, xCaon

← Return to Home ← Back to APT Search