APT / THREAT GROUP🕵️ ESPIONAGE
APT27
🇨🇳China-attributed
1
campaigns
17
aliases
Last seen:Mar 17, 2026
Intelligence Profile
A China-based actor that targets foreign embassies to collect data on government, defence, and technology sectors.
Threat Analysis
APT27 is a known-sophistication threat actor attributed to China, engaged in cyber operations with a primary motivation of espionage.
The group's espionage-oriented operations suggest a state-sponsored or state-aligned mandate, typically focused on stealing intellectual property, government secrets, or military intelligence. Targets are usually selected for strategic value rather than financial gain.
Known Campaigns
APT27 — Active Operations March 2026
APT27 is a unknown-motivation threat actor attributed to China. A China-based actor that targets foreign embassies to collect data on government, defence, and technology sectors....
ACTIVEMEDIUM2026
External References
Quick Facts
TypeAPT / Threat Group
Motivation🕵️ espionage
Origin🇨🇳 China
Aliases17
SourceMalpedia
Also Known As
Iron TigerAPT27TEMP.HippoGroup 35BudwormEarth SmilodonBRONZE UNIONLinen TyphoonLucky MouseGreedyTaotieCircle TyphoonZipTokenRed PhoenixEMISSARY PANDAG0027TG-3390Iron Taurus
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.