APT10
High Confidence • High Threat
Aliases: Stone Panda • MenuPass • POTASSIUM • Red Apollo • CVNX • Cicada
APT10, tracked as Stone Panda or MenuPass Group, is a sophisticated Chinese cyber espionage unit linked to the Ministry of State Security (MSS). The group gained notoriety for Operation Cloud Hopper (2014-2017), a global campaign targeting managed service providers (MSPs) to gain access to their clients' networks. This supply chain attack methodology allowed APT10 to compromise organizations across healthcare, aerospace, defense, and technology sectors in at least 12 countries. In 2018, the U.S. Department of Justice indicted two Chinese nationals associated with the group. APT10 continues to evolve its tradecraft, employing custom malware families like QuasarRAT, PlugX, and Poison Ivy.
Target Sectors
Target Regions
Attributed to MSS (Ministry of State Security) - Tianjin Bureau (China). Attribution confidence: High.
Future Outlook
APT10 is expected to continue operations targeting Technology sectors.
First observed activity of APT10
Continued active operations
