Jigsaw Security response to TA-17-117A


As many are aware, US-CERT has issued several alerts and has communicated that the Department of Justice has taken action to indict two Chinese actors.

Two members of China's APT 10 hacking group have been indicted by the US Department of Justice on charges unsealed this morning. Zhu Hua (aka Afwar, CVNX, Alayos, and Godkiller) and Zhang Shilong (aka Baobeilong, Zhang Jianguo, and Atreexp) were charged with conspiracy to commit computer intrusions, conspiracy to commit wire fraud, and aggravated identity theft.

The pair "acted in association with the Chinese Ministry of State Security's Tianjin State Security Bureau," said the DOJ in a statement. During a campaign lasting at least six years, the two targeted managed service providers and individual companies, with victims including at least 45 companies in a dozen US states as well as a number of government agencies. (Read Full Dark Reading Article Here)

It should be noted that Jigsaw Security has been tracking this activity since 2015, with some of this activity being known as far back as 2014.

While we are just learning of the US Government's actions today, we have been protecting against this activity (as you can see below) since 2014/2015, when we first became aware of this group's activity. All of the shared indicators and resources were already known to Jigsaw Security, and all customers have been protected against this attack since we first discovered it.

Related Events in Jigsaw Security Threat Intelligence:

2018-11-21 (29724) 2018-06-06 (28618) 2018-05-07 (28414) 2018-01-26 (22926) 2018-01-26 (22927) 2018-01-26 (22938) 2017-08-12 (11985) 2017-08-10 (11965) 2017-08-10 (11966) 2017-07-21 (9520) 2017-06-14 (9358) 2017-05-12 (8744) 2017-05-12 (8769) 2017-05-12 (8792) 2017-05-10 (8726) 2017-05-05 (8672) 2017-05-04 (8632) 2017-05-03 (8614) 2017-04-29 (8550) 2017-04-28 (713) 2017-04-27 (8469) 2017-04-27 (8493) 2017-04-27 (8526) 2017-04-22 (8405) 2017-04-22 (8417) 2017-04-19 (8342) 2017-04-19 (8363) 2017-04-19 (8388) 2017-04-12 (8199) 2017-04-12 (7983) 2017-04-12 (8260) 2017-04-12 (8035) 2017-04-12 (8083) 2017-04-12 (8134) 2017-04-11 (7953) 2017-04-10 (7960) 2017-04-10 (7962) 2017-04-10 (7964) 2017-04-10 (8221) 2017-04-10 (8223) 2017-04-10 (8008) 2017-04-10 (8010) 2017-04-10 (8283) 2017-04-10 (8285) 2017-04-10 (8056) 2017-04-10 (8058) 2017-04-10 (8106) 2017-04-10 (8108) 2017-04-10 (7888) 2017-04-10 (7891) 2017-04-10 (8156) 2017-04-10 (8158) 2017-04-10 (7917) 2017-04-10 (7920) 2017-04-08 (7877) 2017-04-08 (7903) 2017-04-08 (7904) 2017-04-07 (7864) 2017-04-06 (7846) 2017-04-05 (7823) 2017-04-05 (7836) 2017-04-03 (7803) 2017-04-01 (7781) 2017-03-30 (7760) 2017-03-29 (7754) 2017-03-21 (7669) 2017-03-19 (7581) 2017-03-19 (7585) 2017-02-23 (7140) 2017-02-16 (40) 2017-02-10 (83) 2017-01-29 (7041) 2017-01-16 (5987) 2017-01-15 (5305) 2017-01-10 (5939) 2016-11-09 (5253) 2016-10-21 (5073) 2016-02-23 (3709) 2015-07-29 (2109) 2015-01-26 (551) 2014-05-12 (301) 2013-10-13 (2167) 2013-03-27 (1288)

© 2017-2018 Jigsaw Security Enterprise Inc.