ChainedShark

Also known as: Actor240820, ChainedShark

Introduction

ChainedShark is an APT group that targets China’s scientific research sector, particularly professionals in international relations and marine technology, with the intent to steal sensitive data. Its techniques include executable file reconstruction to create fragmented shellcode, and social engineering that exploits professional scenarios to deceive targets. The group shows a high level of technical sophistication, integrating N-day vulnerability exploits and custom trojans into meticulously designed attack chains. Its operations reflect a mature attack infrastructure and a clear evolutionary trajectory in tactics and execution.

Activities and Tactics

Information pending cataloguing.

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

  • Trojan.Karagany
  • China Chopper
  • Trojan.Mebromi
  • SharK
  • Xploit

Attribution and Evidence

Information pending cataloguing.

References

References pending cataloguing.