RedEcho

MISP
Type: Unknown
Country: Unknown
First seen: Unknown
Details:

[RedEcho](https://attack.mitre.org/groups/G1042) is a People’s Republic of China-related threat actor associated with long-running intrusions in Indian critical infrastructure entities. [RedEcho](https://attack.mitre.org/groups/G1042) overlaps with various other PRC-linked threat groups, such as [APT41](https://attack.mitre.org/groups/G0096), and is linked to [ShadowPad](https://attack.mitre.org/software/S0596) malware use through shared infrastructure.(Citation: RecordedFuture RedEcho 2021)(Citation: RecordedFuture RedEcho 2022)

Techniques Used (5)
| ID | ATT&CK | Tactics |
| --- | --- | --- |
| T1071.001 | Web Protocols | - |
| T1568 | Dynamic Resolution | - |
| T1571 | Non-Standard Port | - |
| T1573.002 | Asymmetric Cryptography | - |
| T1583.001 | Domains | - |
Related Malware (1)
Metadata
ID: 305
Created: 13/01/2026 17:48
Updated: 20/04/2026 16:00