chinaBRONZE BARTON
Objectives
Tools
SUMMARY
BRONZE BARTON has been active since at least 2021 and targets political organizations for intelligence-gathering purposes. CTU researchers assess with moderate confidence that they operate in alignment with PRC intelligence requirements. The group exploits vulnerable internet-facing servers to gain initial access and deploys a web shell for persistence.
BRONZE BARTON routes their command and control communications through a third-party proxy network that CTU researchers track as BRONZE COTTAGE. BRONZE BARTON is adept at moving between on-premises and cloud-based environments to access and exfiltrate data in support of their intelligence collection goals.
Contact Us
Contact us directly whether your organization needs immediate assistance or you want to discuss your incident readiness, response, and testing needs.