Amaranth-Dragon
0 incidentes
0 paises
0 sectores
apt CN Ultimo: -
Amaranth-Dragon is a China-linked cyber espionage threat actor that first emerged in March 2025, closely associated with the APT-41 ecosystem. The group's primary motivation is geopolitical intelligence collection, focusing on government institutions and law enforcement agencies across Southeast Asia. What distinguishes Amaranth-Dragon is its rapid ability to weaponize newly disclosed vulnerabilities, such as CVE-2025-8088, within days of public disclosure, and its execution of highly controlled, low-volume, targeted campaigns utilizing geo-restricted infrastructure. They frequently time their operations and tailor lures to coincide with local political, economic, or security events in the target regions, maximizing the likelihood of victim engagement. While maintaining strong technical and operational ties to APT-41, Amaranth-Dragon operates as a distinct, newly identified entity.