HOMETHREATSRedJuliett
APT / THREAT GROUP

RedJuliett

🇨🇳China-attributed
1
campaigns
1
aliases
Last seen:Mar 17, 2026

Intelligence Profile

RedJuliett is a likely Chinese state-sponsored threat actor targeting government, academic, technology, and diplomatic organizations in Taiwan. They exploit vulnerabilities in network edge devices for initial access and use SQL injection and directory traversal exploits against web and SQL applications. The group operates from Fuzhou, China, and aims to support Beijing's intelligence collection on Taiwan's economic and diplomatic relations. RedJuliett has also expanded its operations to compromise organizations in other countries such as Hong Kong, Malaysia, and the United States.

Threat Analysis

RedJuliett is a known-sophistication threat actor attributed to China, engaged in cyber operations with a primary motivation of unknown activity patterns.

Known Campaigns

RedJuliett — Active Operations March 2026

RedJuliett is a unknown-motivation threat actor attributed to China. RedJuliett is a likely Chinese state-sponsored threat actor targeting government, academic, technology, and diplomatic organizations in Taiwan. They exploit vulnerabilities in network edge devices for initial access and use SQL injection and directory traversal exploits against w...

ACTIVEMEDIUM2026

External References

Quick Facts

TypeAPT / Threat Group
Origin🇨🇳 China
Aliases1
SourceMalpedia

Also Known As

RedJuliett

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.
RedJuliett — APT / Threat Group | Threat Intelligence | CTIWATCH.COM