Uptime Hamster: 15d 10h 51mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza RedAlpha

RedAlpha

0 incidentes 0 paises 0 sectores apt CN Ultimo: -
Aliases: DeepCliff, Red Dev 3, otros, la manipulación de datos en comunidades específicas
Ver en IntelTracker → APTTrail →
RedAlpha, also known by the aliases DeepCliff and Red Dev 3, is a cyber-espionage group assessed with high confidence to be state-sponsored and operating on behalf of the Chinese state, having emerged as early as 2015. The group's primary motivation is intelligence gathering, focusing on information aligned with the strategic interests of the Chinese Communist Party. What distinctly sets RedAlpha apart is its consistent, high-volume credential-phishing campaigns that weaponize hundreds of domains to spoof government, humanitarian, and think tank organizations globally, alongside a historical and persistent targeting of ethnic and religious minorities, particularly Tibetan and Uyghur communities. The group frequently re-registers expired domains to maintain its operational infrastructure and has evolved its tactics over time, moving away from older infrastructure TTPs towards more dynamic domain registration and hosting practices.

Aliases del actor

DeepCliffRed Dev 3otrosla manipulación de datos en comunidades específicas

Actores similares

weredevilsactor · 1Red Dev 17apt · 0WeRedEvilsapt · 0devmanransomware · 184redalertransomware · 2redransomwareransomware · 2Scattered Spideractor · 2redactactor · 2Scattered Lapsus$ Huntersthreat-actor · 1redcontroleactor · 1
Motivacion