IndigoZebra

MISP

Tipo:
Unknown

Paese:
CN

Prima attivita:
Unknown

Dettagli:

IndigoZebra is a Chinese state-sponsored actor mentioned for the first time by Kaspersky in its APT Trends report Q2 2017, targeting, at the time of its discovery, former Soviet Republics with multiple malware strains including Meterpreter, Poison Ivy, xDown, and a previously unknown backdoor called “xCaon.”

MITRE ATT&CK: View on MITRE

Tecniche Utilizzate (7)

ID	ATT&CK	Tattiche
T1105	Ingress Tool Transfer	-
T1204.002	Malicious File	-
T1566.001	Spearphishing Attachment	-
T1583.001	Domains	-
T1583.006	Web Services	-
T1586.002	Email Accounts	-
T1588.002	Tool	-

Riferimenti (3)

research.checkpoint.com - Indigozebra Apt Continues To Attack Central Asia With Evolving Tools
rewterz.com - Rewterz Threat Intel Indigozebra Apt Group Targeting Central Asia Active Iocs
securelist.com - 79332

Malware Utilizzato (3)

BoxCaon
other

PoisonIvy
other

xCaon
other

Metadata

ID:	459
Created:	13/01/2026 17:48
Updated:	07/03/2026 04:00