chinaBRONZE KEYSTONE
Objectives
Aliases
Tools
SUMMARY
BRONZE KEYSTONE has targeted information across a range of industry verticals that include technology, hospitality and entertainment, manufacturing, not-for-profit environmental groups, human rights groups and government. The group has been linked to the publicly disclosed Bit9 compromise and has been active since at least 2010. CTU researchers assess with moderate confidence that BRONZE KEYSTONE operates on behalf of China. The group uses a set of tools that are often packed, including rootkit components, and has been observed using a variety of tools including BlackCoffee, HiKit, Derusbi, 9002, Gh0stHTTPSDropper and PoisonIvy.
Contact Us
Contact us directly whether your organization needs immediate assistance or you want to discuss your incident readiness, response, and testing needs.