China-Nexus Threat Group ‘Velvet Ant’ Abuses F5 Load Balancers for Persistence
June 18, 2024, 9:39 p.m.
Description
Tags
Date
- Created: June 18, 2024, 9:10 p.m.
- Published: June 18, 2024, 9:10 p.m.
- Modified: June 18, 2024, 9:39 p.m.
Indicators
- 3d9aaac0a8e5c7eadd79d8d5c16119d04f4e9db7107fc44a1e32a8746a1ec375
- 91f6547bceddfb2f241570ac82c00de700e311e4a38dea60d8619638f1ed3520
- 202.61.136.158
- 103.138.13.31
- http://202.61.136.158:8443
Attack Patterns
- Velvet Ant
- T1039
- T1048
- T1135
- T1037
- T1018
- T1572
- T1087
- T1021
- T1016
- T1070
- T1574
- T1082
- T1083
- T1570
- T1047
- T1055
- T1569
- T1562
- T1133
- T1090
- T1078
- T1003
- T1059