APT1 (aka Comment Crew, Byzantine Candor) · APT Atlas
APT1 · G0006 · APT · CN · China
AKA: Comment Crew · Byzantine Candor · GIF89a · PLA Unit 61398 · Brown Fox
CrowdStrike: COMMENT PANDA
MITRE: G0006
PLA Unit 61398 cyber-espionage group; subject of the 2013 Mandiant APT1 report.
Targets: 17
Sectors: 15
Threat types: 1
GIRs covered: 0/480
Active since: 2006
Victimology
Geographic footprint · 17 countries
origin · China
targeted countries · 17
ASIA · 6: United Arab Emirates · Israel · India · Japan · Singapore · Taiwan
EUROPE · 8: Belgium · Switzerland · Denmark · France · United Kingdom · Italy · Luxembourg · Norway
AMERICAS · 2: Canada · United States
AFRICA · 1: South Africa
Sectors targeted · 15 of 40
Government · 83 actors
Aerospace · 49 actors
Financial Services · 61 actors
Healthcare · 38 actors
Pharmaceutical · 24 actors
Technology · 51 actors
Telecom · 57 actors
Retail & Hospitality · 25 actors
Energy / Utilities · 49 actors
Media & Journalism · 41 actors
Transportation · 25 actors
Food and Beverage · 8 actors
Industrials / Engineering · 23 actors
Chemicals · 15 actors
Private Sector (generic) · 28 actors
Tactics, techniques, procedures
Threat types + MITRE ATT&CK mapping
THREAT TYPES
ESP · Espionage
MITRE ATT&CK · 17 techniques
Initial Access · 2
  T1566.001 Spearphishing Attachment
  T1566.002 Spearphishing Link
Execution · 1
  T1059.003 Windows Command Shell
Credential Access · 1
  T1003.001 LSASS Memory
Discovery · 5
  T1007 System Service Discovery
  T1016 System Network Configuration Discovery
  T1049 System Network Connections Discovery
  T1057 Process Discovery
  T1135 Network Share Discovery
Lateral Movement · 2
  T1021.001 Remote Desktop Protocol
  T1550.002 Pass the Hash
Collection · 5
  T1005 Data from Local System
  T1114.001 Local Email Collection
  T1114.002 Remote Email Collection
  T1119 Automated Collection
  T1560.001 Archive via Utility
Stealth · 1
  T1036.005 Match Legitimate Resource Name or Location
GIR coverage
0 / 480 requirements satisfied
No GIRs mapped yet for this actor.
Related actors
By origin and actor type
APT2 · nation-state · China · 6 targets · since 2010
APT5 · nation-state · China · 15 targets · since 2007
APT8 · nation-state · China · 5 targets · since —
APT14 · nation-state · China · 15 targets · since —
APT17 · nation-state · China · 10 targets · since 2009
APT20 · nation-state · China · 14 targets · since 2011