Double Dragon (hacking group)
Double Dragon (also known as APT41, BARIUM, Axiom, Winnti, Wicked Panda, Wicked Spider, TG-2633, Bronze Atlas, Red Kelpie, Blackfly, or Brass Typhoon) is a hacking organization with alleged ties to the Chinese Ministry of State Security (MSS). Classified as an advanced persistent threat, the organization was named by the United States Department of Justice in September 2020 in relation to charges brought against five Chinese and two Malaysian nationals for allegedly compromising more than 100 companies around the world.
In 2019, the cybersecurity company FireEye stated with high confidence that the group was sponsored by the Chinese Communist Party (CCP) while conducting operations for financial gain. The name "Double Dragon" originates from the duality of the group's operations: it engages in both espionage and activity for individual financial gain. The devices it uses are usually used for state-sponsored intelligence.
Investigations conducted by FireEye have found APT41 operations in multiple sectors, such as healthcare, telecommunications, and technology. The group conducts many of its financial activities in the video game industry, targeting development studios, distributors, and publishers.
Formation | 2012 |
---|---|
Type | Advanced persistent threat |
Purpose | Cyberespionage, cyberwarfare, cybercrime |
Region | China |
Methods | Spearphishing, malware, supply chain attack |
Official language | Mandarin |
Owner | Ministry of State Security |
Formerly called | APT41, Barium, Winnti, Wicked Spider, Wicked Panda, TG-2633, Bronze Atlas, Red Kelpie, Blackfly |