[Unnamed groups: China] - Threat Group Cards: A Threat Actor
Encyclopedia
Archived: 2026-04-06 03:25:59 UTC
Home > List all groups > [Unnamed groups: China]
 APT group: [Unnamed groups: China]
Names [Unnamed groups: China] (?)
Country China
Sponsor State-sponsored
Motivation Information theft and espionage
First seen 2018
Description These are reported APT activities attributed to a country, but not to an individual threat group.
Observed
Sectors: Defense, Government.
Countries: Cambodia, Japan, Myanmar, Netherlands, Taiwan, USA and Worlwide.
Tools used COATHANGER.
Operations performed
Jan 2018
China blamed for data theft from US Navy contractor
Jun 2019
Mitsubishi Electric discloses security breach, China is main suspect
Feb 2020
China-Linked Threat Group Targets Taiwan Critical Infrastructure, Smokescreen
Ransomware
Mar 2020
Unknown China-Based APT Targeting Myanmarese Entities
Oct 2020
China hacked Japan’s sensitive defense networks, officials say
https://apt.etda.or.th/cgi-bin/showcard.cgi?u=e319c38c-1f2c-434b-b1b9-6457bc585bcd
Page 1 of 3

2021
Minority report: Fake human rights documents and websites used in cyberattacks
targeting Uyghurs, a Turkic ethnic minority in China
Jan 2022
News Corp discloses hack from 'persistent' nation state cyber attacks
Oct 2022
Amnesty International Canada breached by suspected Chinese hackers
Oct 2022
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by
Aggressive and Skilled Actor, Suspected Links to China
Oct 2022
Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-
42475)
2023
Ministry of Defence of the Netherlands uncovers COATHANGER, a stealthy
Chinese FortiGate RAT
Apr 2023
China-Taiwan Tensions Spark Surge in Cyberattacks on Taiwan
Sep 2023
Chinese APT Targeting Cambodian Government
Oct 2023
Likely China-based Attackers Target High-profile Organizations in Southeast Asia
Feb 2024
Hackers stole 'sensitive' data from Taiwan telecom giant: ministry
Counter operations Jul 2021 The United States, Joined by Allies and Partners, Attributes Malicious Cyber
Activity and Irresponsible State Behavior to the People’s Republic of China

united-states-joined-by-allies-and-partners-attributes-malicious-cyber-activity-and-irresponsible-state-behavior-to-the-peoples-republic-of-china/>
May 2024
Treasury Sanctions a Cybercrime Network Associated with the 911 S5 Botnet
May 2024
911 S5 Botnet Dismantled and Its Administrator Arrested in Coordinated
International Operation
Dec 2024
Treasury Sanctions Cybersecurity Company Involved in Compromise of Firewall
Products and Attempted Ransomware Attacks
Mar 2025
Treasury Sanctions China-based Hacker Involved in the Compromise of Sensitive
U.S. Victim Networks
Information
Last change to this card: 21 April 2025
Download this actor card in PDF or JSON format
Source: https://apt.etda.or.th/cgi-bin/showcard.cgi?u=e319c38c-1f2c-434b-b1b9-6457bc585bcd
https://apt.etda.or.th/cgi-bin/showcard.cgi?u=e319c38c-1f2c-434b-b1b9-6457bc585bcd
Page 3 of 3