🇨🇳

CeranaKeeper

APT Group Information theft and espionage ETDA ✓

Also Known As

No alias recorded

Target Countries 5

Countries highlighted in red

Japan Myanmar Philippines Thailand Province of China Taiwan

Sectors Targeted

Government

Details

Origin 🇨🇳 CN
Last Updated 05 Jan 2026

MITRE ATT&CK 25

T1005 - Data from Local System T1027 - Obfuscated Files or Information T1036 - Masquerading T1039 - Data from Network Shared Drive T1059 - Command and Scripting Interpreter T1071 - Application Layer Protocol T1072 - Software Deployment Tools T1074 - Data Staged T1083 - File and Directory Discovery T1090 - Proxy T1102 - Web Service T1110 - Brute Force T1132 - Data Encoding T1140 - Deobfuscate/Decode Files or Information T1176 - Browser Extensions T1530 - Data from Cloud Storage Object T1547 - Boot or Logon Autostart Execution T1560 - Archive Collected Data T1566 - Phishing T1567 - Exfiltration Over Web Service T1573 - Encrypted Channel T1574 - Hijack Execution Flow T1583 - Acquire Infrastructure T1585 - Establish Accounts T1587 - Develop Capabilities

Related Zero-Days

No zero-day CVE linked to this actor