Elderwood

Also known as: Beijing Group, Elderwood, Elderwood Gang, Sneaky Panda, SNEAKY PANDA, SIG22, G0066

Elderwood is a suspected Chinese cyber espionage group that was reportedly responsible for the 2009 Google intrusion known as Operation Aurora. [2] The group has targeted defense organizations, supply chain manufacturers, human rights and nongovernmental organizations (NGOs), and IT service providers. [3][4]

🌍 Country: China
🎯 Incident Type: Espionage
🧭 ATT&CK: G0066
Targeted Sectors: Private sector, Civil society

Activities and Tactics

Targeted Sectors: Private sector, Civil society

Country of Origin: 🇨🇳 China

Incident Type: Espionage

Suspected Victims: United States, Canada, United Kingdom, Switzerland, Hong Kong, Australia, India, Taiwan, China, Denmark

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

Information pending cataloguing.

Attribution and Evidence

Country of Origin: China

Additional attribution information pending cataloguing.

References

[1] MITRE ATT&CK, MITRE ATT&CK entry
[2] Security Affairs Elderwood Sept 2012
[3] Symantec Elderwood Sept 2012
[4] CSM Elderwood Sept 2012