chinaBRONZE PALACE
Objectives
Aliases
Tools
SUMMARY
BRONZE PALACE has targeted government, defense, and technology organizations globally. The group has historically leveraged the ke3chang and shfam9y variants of Enfal, as well as the Mirage trojan. In 2017, BRONZE PALACE reportedly used the RoyalCLI and RoyalDNS malware families in an attack against a company that held information relevant to UK government departments and military technology. Activity that was historically tracked under the BRONZE DAVENPORT and BRONZE IDLEWOOD threat groups has been amalgamated under BRONZE PALACE. CTU researchers assess with moderate confidence that BRONZE PALACE operates on behalf of China.
Threat Analysis
The Mirage CampaignContact Us
Contact us directly whether your organization needs immediate assistance or you want to discuss your incident readiness, response, and testing needs.