Red Charon
MISPUnknown
Unknown
Unknown
Throughout 2019, multiple companies in the Taiwan high-tech ecosystem were victims of an advanced persistent threat (APT) attack. Due to these APT attacks having similar behavior profiles (similar adversarial techniques, tactics, and procedures or TTP) with each other and previously documented cyberattacks, CyCraft assess with high confidence these new attacks were conducted by the same foreign threat actor. During their investigation, they dubbed this threat actor Chimera. “Chimera” stands for the synthesis of hacker tools that they’ve seen the group use, such as the skeleton key malware that contained code extracted from both Dumpert and Mimikatz — hence Chimera. Their operation — the entirety of the new attacks utilizing the Skeleton Key attack (described below) from late 2018 to late 2019, CyCraft have dubbed Operation Skeleton Key.
References (5)
- i.blackhat.com - Us 20 Chen Operation Chimera APT Operation Targets Semiconductor Vendors.pdf
- wired.com - Chinese Hackers Taiwan Semiconductor Industry Skeleton Key
- cycraft.com - %5BTLP White%5D20200415%20Chimera V4.1.pdf
- medium.com - Taiwan High Tech Ecosystem Targeted By Foreign Apt Group 5473d2ad8730
- pwc.co.uk - Pwc Cyber Threats 2020 A Year In Retrospect.pdf
Metadata
| ID: | 301 |
| Created: | 13/01/2026 17:48 |
| Updated: | 08/03/2026 04:00 |