Lilac Typhoon
MISP
Tipo:
Unknown
Unknown
Paese:
CN
CN
Prima attivita:
Unknown
Unknown
Dettagli:
Lilac Typhoon is a threat actor attributed to China. They have been identified as exploiting the Atlassian Confluence RCE vulnerability CVE-2022-26134, which allows for remote code execution. This vulnerability has been used in cryptojacking campaigns and is included in commercial exploit frameworks. Lilac Typhoon has also been involved in deploying various payloads such as Cobalt Strike, web shells, botnets, coin miners, and ransomware.
Alias (106)
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
DEV-0234
Metadata
| ID: | 592 |
| Created: | 13/01/2026 17:48 |
| Updated: | 07/03/2026 16:00 |