chinaBRONZE EDISON
Objectives
Aliases
Tools
SUMMARY
BRONZE EDISON has been active since at least 2007 and has historically used the Wkysol (aka Sykipot) backdoor and installer, delivered via spearphishing emails containing an attachment or download link. CTU researchers assess with moderate confidence that BRONZE EDISON operates on behalf of China. It has targeted individuals in senior positions within organizations and has been linked to intrusions in the fossil fuels, defense and telecoms sectors, with a historic focus on Russia and South Korea. It is unclear whether the group is still active at present.
Contact Us
Contact us directly whether your organization needs immediate assistance or you want to discuss your incident readiness, response, and testing needs.