LuminousMoth
MITREUnknown
Unknown
Unknown
[LuminousMoth](https://attack.mitre.org/groups/G1014) is a Chinese-speaking cyber espionage group that has been active since at least October 2020. [LuminousMoth](https://attack.mitre.org/groups/G1014) has targeted high-profile organizations, including government entities, in Myanmar, the Philippines, Thailand, and other parts of Southeast Asia. Some security researchers have concluded there is a connection between [LuminousMoth](https://attack.mitre.org/groups/G1014) and [Mustang Panda](https://attack.mitre.org/groups/G0129) based on similar targeting and TTPs, as well as network infrastructure overlaps.(Citation: Kaspersky LuminousMoth July 2021)(Citation: Bitdefender LuminousMoth July 2021)
Tecniche Utilizzate (28)
| ID | ATT&CK | Tattiche |
|---|---|---|
| T1005 | Data from Local System | - |
| T1030 | Data Transfer Size Limits | - |
| T1033 | System Owner/User Discovery | - |
| T1036.005 | Match Legitimate Resource Name or Location | - |
| T1041 | Exfiltration Over C2 Channel | - |
| T1053.005 | Scheduled Task | - |
| T1071.001 | Web Protocols | - |
| T1083 | File and Directory Discovery | - |
| T1091 | Replication Through Removable Media | - |
| T1105 | Ingress Tool Transfer | - |
| T1112 | Modify Registry | - |
| T1204.001 | Malicious Link | - |
| T1539 | Steal Web Session Cookie | - |
| T1547.001 | Registry Run Keys / Startup Folder | - |
| T1553.002 | Code Signing | - |
Malware Utilizzato (2)
Metadata
| ID: | 865 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |