cti-ATT-CK-v13.1/enterprise-attack/intrusion-set/intrusion-set--03506554-5f37-4f8f-9ce4-0e9f01a1b484.json

{
    "type": "bundle",
    "id": "bundle--9b0829be-b0a0-4142-97c7-ca9ccfa02048",
    "spec_version": "2.0",
    "objects": [
        {
            "aliases": [
                "Elderwood",
                "Elderwood Gang",
                "Beijing Group",
                "Sneaky Panda"
            ],
            "x_mitre_domains": [
                "enterprise-attack"
            ],
            "x_mitre_contributors": [
                "Valerii Marchuk, Cybersecurity Help s.r.o."
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "id": "intrusion-set--03506554-5f37-4f8f-9ce4-0e9f01a1b484",
            "type": "intrusion-set",
            "created": "2018-04-18T17:59:24.739Z",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "external_references": [
                {
                    "source_name": "mitre-attack",
                    "url": "https://attack.mitre.org/groups/G0066",
                    "external_id": "G0066"
                },
                {
                    "source_name": "Elderwood",
                    "description": "(Citation: Security Affairs Elderwood Sept 2012) (Citation: Symantec Elderwood Sept 2012) (Citation: CSM Elderwood Sept 2012)"
                },
                {
                    "source_name": "Elderwood Gang",
                    "description": "(Citation: Symantec Elderwood Sept 2012) (Citation: CSM Elderwood Sept 2012)"
                },
                {
                    "source_name": "Beijing Group",
                    "description": "(Citation: CSM Elderwood Sept 2012)"
                },
                {
                    "source_name": "Sneaky Panda",
                    "description": "(Citation: CSM Elderwood Sept 2012)"
                },
                {
                    "url": "http://securityaffairs.co/wordpress/8528/hacking/elderwood-project-who-is-behind-op-aurora-and-ongoing-attacks.html",
                    "description": "Paganini, P. (2012, September 9). Elderwood project, who is behind Op. Aurora and ongoing attacks?. Retrieved February 13, 2018.",
                    "source_name": "Security Affairs Elderwood Sept 2012"
                },
                {
                    "url": "https://web.archive.org/web/20190717233006/http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-elderwood-project.pdf",
                    "description": "O'Gorman, G., and McDonald, G.. (2012, September 6). The Elderwood Project. Retrieved February 15, 2018.",
                    "source_name": "Symantec Elderwood Sept 2012"
                },
                {
                    "url": "https://www.csmonitor.com/USA/2012/0914/Stealing-US-business-secrets-Experts-ID-two-huge-cyber-gangs-in-China",
                    "description": "Clayton, M.. (2012, September 14). Stealing US business secrets: Experts ID two huge cyber 'gangs' in China. Retrieved February 15, 2018.",
                    "source_name": "CSM Elderwood Sept 2012"
                }
            ],
            "modified": "2021-03-02T22:40:11.097Z",
            "name": "Elderwood",
            "description": "[Elderwood](https://attack.mitre.org/groups/G0066) is a suspected Chinese cyber espionage group that was reportedly responsible for the 2009 Google intrusion known as Operation Aurora. (Citation: Security Affairs Elderwood Sept 2012) The group has targeted defense organizations, supply chain manufacturers, human rights and nongovernmental organizations (NGOs), and IT service providers. (Citation: Symantec Elderwood Sept 2012) (Citation: CSM Elderwood Sept 2012)",
            "x_mitre_version": "1.2",
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
        }
    ]
}