Uptime Hamster: 15d 6h 35mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza GhostR

GhostR

0 incidentes 0 paises 0 sectores apt CN Ultimo: -
Ver en IntelTracker → APTTrail →
GhostR is a sophisticated cyber threat actor known for conducting cyber espionage and ransomware attacks, driven by both financial motives and strategic intelligence gathering. The group has been active since at least 2018 and has been linked to numerous high-profile breaches, distinguishing itself by combining both financially motivated ransomware operations with state-sponsored cyber espionage activities. They are suspected to be of Chinese origin. The group's operational model has evolved to include the exploitation of known vulnerabilities, customized malware, and a recent shift towards living-off-the-land binaries and cloud infrastructure targeting.

Actores similares

GhostRedirectorapt · 0
Tecnicas MITRE
T1021 - Remote Services, T1070 - Indicator Removal on Host, T1199 - Trusted Relationship, T1583.004 - Server, T1568.002 - Domain Generation Algorithms, T1069.002 - Domain Groups
CVEs relacionadas
CVE-2025-64446, CVE-2025-6264, CVE-2025-58034, CVE-2025-13223, CVE-2025-1234, CVE-2024-7344
Tipo
apt
Pais origen
CN
Motivacion
-
Impacto
126
Actualizado
Mon, 13 Ap

Sectores objetivo (SOCRadar)

Transit and Ground Passenger TransportationReal EstateHospitalsAir TransportationConstructionPublic AdministrationOil & GasWholesale TradeInsurancePharmaceutical and Medicine Manufacturing