🇨🇳

HAFNIUM

APT Group Information theft and espionage 9 zero-day CVEs ETDA ✓

Also Known As

No alias recorded

Target Countries 5

Countries highlighted in red

Australia Belgium Germany United Kingdom United States

Sectors Targeted

Finance and Insurance 52 Commercial Banking 52211 Public Administration 92 Computer Systems Design and Related Services 54151 Colleges, Universities, and Professional Schools 6113

Details

Origin 🇨🇳 CN
Last Updated 01 Jun 2022

Malware Families 1

grunt

MITRE ATT&CK 76

T1003 - OS Credential Dumping T1003.001 T1003.003 T1005 T1016 T1016.001 T1018 T1021 - Remote Services T1027 - Obfuscated Files or Information T1033 T1036 - Masquerading T1057 T1059 T1059.001 T1059.003 T1068 T1070 T1070.001 T1071 - Application Layer Protocol T1071.001 T1078 T1078.003 T1078.004 T1083 - File and Directory Discovery T1095 T1098 T1102 - Web Service T1105 T1110 T1110.003 T1114 - Email Collection T1114.002 T1119 T1132 T1132.001 T1136 T1136.002 T1190 T1199 - Trusted Relationship T1213 T1213.002 T1218 T1218.011 T1219 T1505 T1505.003 T1530 T1546 - Event Triggered Execution T1550 T1550.001 T1553 - Subvert Trust Controls T1555 T1555.006 T1560 T1560.001 T1564 T1564.001 T1566 - Phishing T1567 T1567.002 T1583 T1583.003 T1583.005 T1583.006 T1584 T1584.005 T1589 T1589.002 T1590 T1590.005 T1592 T1592.004 T1593 T1593.003 T1685 T1685.005

Related Zero-Days 9

CVE-2021-44228 CVE-2023-2868 CVE-2023-46805 CVE-2024-12356 CVE-2024-21887 CVE-2024-3400 CVE-2025-0282 CVE-2025-53770 CVE-2025-53771