China

China's cyberwar capabilities have no borders: the country is developed and has the resources to train cyberwar soldiers. The combination of its cyberwar soldiers, ethics, culture and lust for intelligence and intellectual property makes China one of the most active threat actors wandering along the political borders of cyberconflict.

In the last decade, China's specialized military network warfare forces have performed various campaigns.

Some of their advanced persistent threats have been dubbed: APT 16, APT 2, Axiom, Comment Crew, Hidden Lynx, IXESHE, Shell Crew, Wekby and Winnti Group.

Known Advanced Persistent Threats

  • Anchor Panda
  • APT 16
  • APT 2
  • APT 22
  • APT 26
  • APT 4
  • APT 6
  • Axiom
  • BARIUM
  • Beijing Group
  • Big Panda
  • C0d0so
  • Comment Crew
  • DragonOK
  • Electric Panda
  • Eloquent Panda
  • Emissary Panda
  • Foxy Panda

  • Gibberish Panda
  • Goblin Panda
  • Group 27
  • Hammer Panda
  • Hidden Lynx
  • Hurricane Panda
  • Ice Fog
  • Impersonating Panda
  • Iron Group
  • IXESHE
  • Karma Panda
  • Keyhole Panda
  • LEAD
  • Lotus Blossom
  • Lucky Cat
  • Mana Team
  • Mirage
  • Mofang

  • Naikon
  • NetTraveler
  • Night Dragon
  • Nightshade Panda
  • Pale Panda
  • PassCV
  • Pirate Panda
  • Pitty Tiger
  • PLATINUM
  • Poisonous Panda
  • Predator Panda
  • Radio Panda
  • Sabre Panda
  • Scarlet Mimic
  • Shell Crew
  • Spicy Panda
  • SPIVY
  • Stone Panda

  • Suckfly
  • SVCMONDR
  • TA459
  • TEMP.Periscope
  • TEMP.Zhenbao
  • Temper Panda
  • Test Panda
  • Thrip
  • Tick
  • Tonto Team
  • Toxic Panda
  • Union Panda
  • UPS
  • Violin Panda
  • Wekby
  • Wet Panda
  • Winnti Group
  • Wisp Team

Cyberwar capabilities

In the last decade, the Specialized Military Network Warfare Forces have carried out cyber attacks using well-known security tools and a wide range of remote administration tools and trojans. China is on top of its game; the list below shows the varied but limited range of tools, vulnerabilities and exploits that we know they have used.

“150 tools, exploits and vulnerabilities”

Cyberwarzone

  • 3001 RAT
  • 3102 RAT
  • 9002 RAT
  • AceHash
  • Adobe Gh0st
  • Agent.XST
  • AIRBREAK
  • AMT Feature FW evasion
  • ASPXTool
  • Backdoor.Boda
  • Backdoor.Moudoor
  • Backdoor.Vasport
  • BACKSPACE
  • BADFLICK
  • Beacon
  • Bergard Trojan
  • BLACKCOFFEE
  • BS2005
  • BUBBLEWRAP
  • CAKELOG
  • CANDYCLOG
  • Carberp RAT
  • CETTRA
  • ChChes
  • China Chopper
  • China Chopper Webshell
  • CobaltStrike
  • Conpee
  • Cookie Cutter
  • COOKIECLOG
  • CVE-2015-1641
  • CVE-2015-2545
  • CVE-2017-11882
  • Dagger Three (C2 software)
  • Daserf
  • Datper
  • Deputy Dog
  • Derusbi
  • dnsenum
  • Elderwood Project
  • Elise Backdoor
  • ELMER backdoor
  • Etso
  • Etumbot
  • EvilGrab
  • FakeM
  • Firefox
  • Fscan
  • Fucobha Backdoor

  • Gh0st RAT
  • Gofarer
  • Grabber
  • gsecdump
  • HcdLoader
  • HDRoot
  • Hightide
  • Hikit
  • HOMEFRY
  • HTRAN
  • HTTPBrowser
  • Hunter
  • HydraQ
  • icmp_shell
  • IEChecker
  • IsSpace
  • Joy RAT
  • jRat
  • Jynxkit
  • Kaba
  • Kitkiot
  • Kivars
  • Korplug
  • LOWBALL
  • Lstudio
  • LUNCHMONEY
  • China Chopper
  • Mimikatz
  • Mirage
  • MobileOrder
  • MSUpdater
  • Mswab
  • MURKYTOP
  • nbtscan
  • NetCommander
  • NETEAGLE
  • NetTraveler
  • Nidiran
  • Paladin RAT
  • PCrat
  • PHOTO
  • Pirpi
  • PisLoader
  • PittyTiger
  • PlugX
  • Sogu

  • PoisonIvy
  • procdump
  • PsExec
  • Psylo
  • Quasar
  • Rambo Backdoor
  • RARSTONE
  • rdp_crk
  • RedLeaves
  • Riptide
  • RoyalCli
  • Runxx
  • Sabre
  • Sakula
  • Sakurel
  • Scanbox Framework
  • ShimRAT
  • ShimRATReporter
  • Shotput
  • ShowNews
  • SLServer
  • SportLoader
  • Sysget
  • T9000
  • ThreeByte
  • TidePool
  • Timestomper
  • TokenControl
  • Torn RAT
  • Trochilus
  • Trochilus RAT
  • Trojan.Hydraq
  • Trojan.Naid
  • TXER
  • UP007
  • UPPERCUT (aka ANEL)
  • VBS
  • Waterspout
  • wce
  • WCE
  • WEBCnC
  • Webshells
  • whoami
  • Winnti
  • XBash
  • XSControl
  • XSLCmd
  • ZeGhost
  • ZeroT
  • ZxShell