ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > IndigoZebra

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link APT group: IndigoZebra

NamesIndigoZebra (Check Point)
CountryChina China
MotivationInformation theft and espionage
First seen2014
Description(Check Point) Check Point Research (CPR) has observed an ongoing cyber espionage operation targeting the Afghan government. Believed to be the Chinese-speaking hacker group known as “IndigoZebra”, the threat actors behind the espionage leveraged Dropbox, the popular cloud storage service, to infiltrate the Afghan National Security Council (NSC). Further investigation by CPR revealed that this is the latest in longer-running activity targeting other Central Asian countries, Kyrgyzstan and Uzbekistan, since at least 2014.
ObservedCountries: Afghanistan, Kyrgyzstan, Uzbekistan.
Tools usedDropbox.
Information<https://blog.checkpoint.com/2021/07/01/cyber-espionage-on-afghanistan-kyrgyzstan-and-uzbekistan-by-chinese-speaking-hacker-group/>
MITRE ATT&CK<https://attack.mitre.org/groups/G0136/>

Last change to this card: 30 December 2022

Download this actor card in PDF or JSON format

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]