Uptime Hamster: 15d 7h 57mDeploy: 13 Jul 2026 08:04Updated: 2026-07-05
Logo del actor de amenaza Velvet Ant

Velvet Ant

1 incidentes 1 paises 1 sectores apt CN Ultimo: 2026-05-25
Ver en IntelTracker → APTTrail →
Velvet Ant is a China-nexus cyber espionage threat actor active since at least 2016, specializing in long-term persistence within victim networks for intelligence gathering rather than financial gain or disruption. The group is distinguished by its exceptional ability to establish and maintain multiple redundant footholds, often exploiting legacy systems, unpatched network appliances, and zero-day vulnerabilities, while rapidly adapting when detected. This actor notably focuses on compromising network infrastructure to evade endpoint detection and has demonstrated a unique capability to manipulate authentication stacks for stealth and persistence, even pivoting into air-gapped environments from internet-facing systems. Velvet Ant is the designation given by cybersecurity firm Sygnia to this group.

Actores similares

blackshrantacransomware · 8quantumransomware · 2radiantransomware · 2whiteelephantactor · 1apt-modifiedelephantactor · 1apt-rampantkittenactor · 1antefrigusactor · 1symantecactor · 1antlionactor · 1dantiactor · 1
Motivacion