APT40 (also known as BRONZE MOHAWK (by Secureworks), FEVERDREAM, G0065, Gadolinium (by Microsoft), GreenCrash, Hellsing (by

Kaspersky Kaspersky Lab (; Russian: Лаборатория Касперского, tr. ''Laboratoriya Kasperskogo'') is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in th ...

), Kryptonite Panda (by Crowdstrike), Leviathan (by Proofpoint), MUDCARP, Periscope, Temp.Periscope, and Temp.Jumper) is an advanced persistent threat located in Haikou,

Hainan Province Hainan (, ; ) is the smallest and southernmost province of the People's Republic of China (PRC), consisting of various islands in the South China Sea. , the largest and most populous island in China,The island of Taiwan, which is slightly l ...

, People's Republic of China (PRC), and has been active since at least 2009. APT40 has targeted governmental organizations, companies, and universities in a wide range of industries, including biomedical, robotics, and maritime research, across the United States, Canada, Europe, the Middle East, and the South China Sea area, as well as industries included in China's

Belt and Road Initiative The Belt and Road Initiative (BRI, or B&R), formerly known as One Belt One Road ( zh, link=no, 一带一路) or OBOR for short, is a global infrastructure development strategy adopted by the Chinese government in 2013 to invest in nearly 150 ...

. APT40 is closely connected to Hafnium.

Indictment

On July 19, 2021, the U.S. Department of Justice (DOJ) unsealed an indictment against four APT40 cyber actors for their illicit computer network exploitation activities via front company Hainan Xiandun Technology Development Company.

References

Chinese advanced persistent threat groups Espionage Hacking (computer security) Cyberwarfare {{Hacking in the 2020s

Indictment

See also

References