Skip to content

G0023 APT16

APT16 is a China-based threat group that has launched spearphishing campaigns targeting Japanese and Taiwanese organizations. 1

Item Value
ID G0023
Associated Names
Version 1.1
Created 31 May 2017
Last Modified 26 July 2022
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
enterprise T1584 Compromise Infrastructure -
enterprise T1584.004 Server APT16 has compromised otherwise legitimate sites as staging servers for second-stage payloads.1

Software

ID Name References Techniques
S0064 ELMER 1 Web Protocols:Application Layer Protocol File and Directory Discovery Process Discovery

References

  1. Winters, R. (2015, December 20). The EPS Awakens - Part 2. Retrieved January 22, 2016.