Hellsing

Also known as: Hellsing

This threat actor uses spear-phishing techniques to compromise diplomatic targets in Southeast Asia, India, and the United States. It also seems to have targeted the APT 30. Possibly uses the same infrastructure as Mirage

🌍 Country China

📅 Activity 2015 — 2015

⚡ Risk Level High

🎯 Incident Type Espionage

Infrastructure Diplomacy Government

2015

Targeted Victims

Malaysia Indonesia Philippines United States India

Introduction

Activities and Tactics

Targeted Sectors: Infrastructure, Diplomacy, Government

Country of Origin: 🇨🇳 China

Risk Level: High

First Seen: 2015

Last Activity: 2015

Incident Type: Espionage

Suspected Victims: Malaysia, Indonesia, Philippines, United States, India

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No atomic indicators are listed in this profile. The APTnotes snapshot indexes 2 public reports that may contain IOCs; see Source Attribution for dataset links.

Malware and Tools

UNITEDRAKE

Attribution and Evidence

Country of Origin: China Additional attribution information pending cataloguing.

References

References pending cataloguing.

Source Attribution

Structured source: MISP Galaxy

Data sourced from MISP Galaxy threat-actor cluster (CC0 licensed)

View upstream source record

License: CC BY-NC-SA 3.0

Additional source provenance

aptnotes Repository Dataset
malpedia Source record Dataset
misp galaxy Dataset

Source and license policy

🔍 Quick Filters

Top Countries

Risk Distribution

High

161

Critical

Low

Medium