Uptime Hamster: 0d 0h 0mDeploy: 5 Jul 2026 10:25Updated: 2026-07-10
Logo del actor de amenaza DEV-0147

DEV-0147

0 incidentes 0 paises 0 sectores apt CN Ultimo: -
Ver en IntelTracker → APTTrail →
DEV-0147 is a China-based state-sponsored cyber espionage actor that first emerged in February 2023, notably expanding its operations to target diplomatic entities in South America, a region distinct from its traditional focus on government agencies and think tanks in Asia and Europe. The group's primary motivation is cyber espionage and data exfiltration. DEV-0147 is distinguished by its consistent use of established hacking tools like ShadowPad, QuasarLoader, and Cobalt Strike in its campaigns. The moniker DEV-0147 is used by Microsoft to track this emerging threat cluster.

Actores similares

devmanransomware · 184Network Devicesactor · 1Compromise Software Dependencies and Development Toolsactor · 1Device Driver Discoveryactor · 1CS FQL: 32. Detect Data Exfiltration via external storage devicesactor · 1dev-0322actor · 1dev-0343actor · 1weredevilsactor · 1DEV-0586apt · 0Red Dev 17apt · 0
Malware asociado
win.flash_develop
Tecnicas MITRE
T1078.001, T1068, T1105, T1193
CVEs relacionadas
CVE-2025-59287
Tipo
apt
Pais origen
CN
Motivacion
-
Impacto
44
Actualizado
Mon, 13 Ap

Sectores objetivo (SOCRadar)

Funds, Trusts, and Other Financial VehiclesHospitalsPublic AdministrationOil & GasSpace & DefenseEnergy & Utilities InsurancePlastics Product ManufacturingLegal ServicesManagement, Scientific, and Technical Consulting Services