APT4

Also known as: PLA Navy, MAVERICK PANDA, BRONZE EDISON, SODIUM, Salmon Typhoon, APT4

Sodium is reportedly a “sophisticated Chinese state-affiliated” threat actor group, which has especially targeted defense, government, and high-tech organizations in the United States.^{[GitHub cybershujin Threat-Actors-use-of-Artifical-Intelligence]}

🌍 Country China

⚡ Risk Level High

🎯 Incident Type Espionage

Private sector Military

Targeted Victims

United States United Kingdom Hong Kong

Introduction

Activities and Tactics

Targeted Sectors: Private sector, Military

Country of Origin: 🇨🇳 China

Risk Level: High

Incident Type: Espionage

Suspected Victims: United States, United Kingdom, Hong Kong

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

China Chopper:
CyberGate:
Cyber Eye RAT:
UNITEDRAKE:

Attribution and Evidence

Country of Origin: China Additional attribution information pending cataloguing.

References

[1] [GitHub cybershujin Threat-Actors-use-of-Artifical-Intelligence

Source Attribution

Structured source: APT Groups & Operations Spreadsheet

Data sourced from MISP Galaxy threat-actor cluster (CC0 licensed)

View upstream source record

License: CC BY-NC-SA 3.0

Additional source provenance

APT Groups & Operations Dataset
malpedia Source record Dataset
misp galaxy Dataset

Source and license policy

🔍 Quick Filters

Top Countries

Risk Distribution

High

161

Critical

Low

Medium