Axiom APT Group

Introduction

Axiom APT Group, also known as Group 72, is a China-based group that has been conducting sophisticated, persistent attacks since 2008. These attacks are characterized by complex and sustained attempts to infiltrate targeted institutions, organizations, or systems.

Target and Sectoral Focus

Since 2008, Axiom has conducted advanced attacks on several government agencies and large corporations internationally. The organizations targeted by the group usually hold strategically important information and technology. It often conducts covert espionage activities to gain access to sensitive information that could jeopardize national security.

The Axiom APT group has targeted countries such as the United States, the United Kingdom, Canada, Australia, Germany, and France. It has targeted, and continues to target, the military, energy, telecommunications, and financial sectors in these countries.

Tools and TTPs used

The Axiom APT group uses sophisticated techniques to infiltrate target systems and establish a persistent presence there.

They use phishing emails and social engineering tactics to trick users into infecting their own systems with malware. They also perform reconnaissance on the networks they are trying to infiltrate, identify vulnerabilities, and exploit them to gain access to target systems.

In addition, the group makes particular use of “zero-day” vulnerabilities. By exploiting both zero-days they have discovered themselves and newly disclosed ones, they gain a great advantage in their infiltration attempts. This method also makes the activities carried out on a compromised system harder to detect.

Conclusion

In conclusion, following the activities and traces of the Axiom APT group, also known as Group 72, shows that its operations are carried out globally, so it is very important for both countries and companies to take measures against this group. Developing defense mechanisms within the scope of Tactical Cyber Intelligence Activities is necessary, especially in developed or developing countries and in the sectors previously targeted by the Axiom APT group.

Check ThreatMon’s IOC Feed to see and follow the APTs and the IOCs!

Try ThreatMon’s Free Premium Access feature to avoid sophisticated attacks by the APTs and keep your systems secure!
