🇨🇳

Webworm

APT Group Information theft and espionage 1 zero-day CVE ETDA ✓

Also Known As 2 names

Space Pirates Erudite Mogwai

Target Countries 6

Countries highlighted in red

Germany Georgia Mongolia Serbia Slovakia United States

Sectors Targeted

IT Insurance Carriers and Related Activities 524 Computer Systems Design Services 541512 Energy Aerospace Commercial Banking 52211 Computer Systems Design and Related Services 54151

Details

Origin 🇨🇳 CN
Last Updated 25 Nov 2023

MITRE ATT&CK 33

T1001 - Data Obfuscation T1016 - System Network Configuration Discovery T1018 - Remote System Discovery T1021 - Remote Services T1021.001 - Remote Desktop Protocol T1027 T1046 - Network Service Scanning T1049 - System Network Connections Discovery T1059.001 T1071.001 - Web Protocols T1078 - Valid Accounts T1078.002 - Domain Accounts T1082 - System Information Discovery T1083 - File and Directory Discovery T1087 - Account Discovery T1090 - Proxy T1105 - Ingress Tool Transfer T1132 - Data Encoding T1133 - External Remote Services T1135 - Network Share Discovery T1176 - Browser Extensions T1190 - Exploit Public-Facing Application T1201 - Password Policy Discovery T1204 T1482 - Domain Trust Discovery T1486 - Data Encrypted for Impact T1543.003 - Windows Service T1547 - Boot or Logon Autostart Execution T1562.001 - Disable or Modify Tools T1566 - Phishing T1566.001 - Spearphishing Attachment T1571 - Non-Standard Port T1573 - Encrypted Channel

Related Zero-Days 1

CVE-2018-0802