Reportseverity: Info2017-05-31

MITRE ATT&CK adds Naikon as Group G0019

published by MITRE

Actor

NaikonCN · ChinaAPT

PRC state-sponsored intrusion set publicly attributed by ThreatConnect and Defense Group Inc. to the People's Liberation Army Unit 78020 (Chengdu Military Region Second Technical Reconnaissance Burea…

Summary

MITRE published the Naikon group entry (G0019) in ATT&CK, characterising the actor as a state-sponsored Chinese cyber-espionage group active since at least 2010 and primarily targeting government, military, and civil organisations in Southeast Asia along with international bodies including the UN Development Programme and ASEAN. The page consolidates associated software including Aria-body, RainyDay, Nebulae, SslMM, WinMM, and RARSTONE.

Primary source

attack.mitre.org

Other Naikon events

2021-04-27Bitdefender details Naikon RainyDay and Nebulae backdoors used against Southeast Asian militaries
2020-05-07Check Point exposes Naikon's Aria-body backdoor in five-year APAC government campaign
2015-09-23ThreatConnect and Defense Group publish Project CAMERASHY attributing Naikon to PLA Unit 78020

Summary

Tags

Primary source

Other Naikon events