chinaBRONZE SNOWDROP
Objectives
Aliases
Tools
SUMMARY
BRONZE SNOWDROP is a threat group operating from China, likely accepting tasking from the state. The group has been observed targeting Southeast Asian and U.S. research and education institutions, Hong Kong businesses, charities and non-governmental organizations (NGOs), and U.S. and UK government organizations. BRONZE SNOWDROP is adept at scanning for and exploiting vulnerabilities in network edge devices, particularly F5 and ConnectWise amongst others. The group uses SNOWLIGHT malware (a C-based downloader for Linux systems) as well as common red team tools such as SuperShell, metasploit, Sliver and sqlmap.
Contact Us
Contact us directly whether your organization needs immediate assistance or you want to discuss your incident readiness, response, and testing needs.