• Uses similar tools as Moafee and Rancor, possibly indicating a link between the threat actors
This threat actor targets high-tech and manufacturing companies, primarily from Japan, for the purpose of acquiring trade secrets. In 2017, cybersecurity firms released evidence pointing to the threat actor expanding its targets to Russian and Tibetan interests.
Suspected victims
  • Japan
  • Taiwan
  • Russia
Suspected state sponsor
  • China
Type of incident
  • Espionage
Target category
  • Private sector