Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Mandiant Exposes APT1 – One of China’s Cyber Espionage Units & Releases 3,000 Indicators

By Dan Mcwhorter on February 18, 2013 - “Today, The Mandiant® Intelligence Center™ released an unprecedented report exposing APT1’s multi-year, enterprise-scale computer espionage campaign. APT1 is one of dozens of threat groups Mandiant tracks around the world and we consider it to be one of the most prolific in terms of the sheer quantity of information it has stolen.

Highlights of the report include:

  • Evidence linking APT1 to China’s 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department (Military Cover Designator 61398).
  • A timeline of APT1 economic espionage conducted since 2006 against 141 victims across multiple industries.
  • APT1’s modus operandi (tools, tactics, procedures) including a compilation of videos showing actual APT1 activity.
  • The timeline and details of over 40 APT1 malware families.
  • The timeline and details of APT1’s extensive attack infrastructure.”

