Targeting of organizations in Asia, Europe, and North America

Date of report

April 2022

Affiliations

APT 10

Chinese threat actor APT 10 used a vulnerability in Microsoft Exchange to gain access to victims’ networks, where the attackers deployed a custom loader and the Sodamaster backdoor. APT 10 also used a custom loader to obtain credentials. The attackers spent up to nine months in victims’ networks.

Suspected victims

Government, legal, religious, and nongovernmental organizations in Asia, Europe, and North America

Suspected state sponsor

China

Type of incident

Espionage

Target category

Government
Civil society

Cicada: Chinese APT Group Widens Targeting in Recent Espionage Activity

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events