Uptime Hamster: 1d 1h 20mDeploy: 13 Jul 2026 10:50Updated: 2026-07-14
Logo del actor de amenaza Operation DRBControl

Operation DRBControl

0 incidentes 0 paises 0 sectores apt CN Ultimo: -
Ver en IntelTracker → APTTrail →
Operation DRBControl is a cyberespionage campaign attributed to Chinese threat actors that emerged as early as July 2017, although its spear-phishing activities became notable in May 2019. The group's primary motivation is information theft, specifically targeting databases and source codes from entities in Southeast Asia to gain competitive intelligence. A distinguishing characteristic of Operation DRBControl is its consistent focus on gambling and betting operations within the region, coupled with its use of the legitimate cloud service Dropbox for command and control and data exfiltration. The operation is characterized by its deployment of custom backdoors and its sophisticated approach to evading detection, employing techniques like DLL side-loading. While some reports link its tactics and tools to other Chinese groups such as Winnti and Emissary Panda (APT27), Operation DRBControl itself is not widely recognized under alternative aliases.

Actores similares

Operation Wocaoapt · 1influence-operationsactor · 1Operation Ghostwriterapt · 0Operation C-Majorapt · 0Operation Silent Skimmerapt · 0Operation Cobalt Whisperapt · 0Operation RusticWebapt · 0Operation LiberalFaceapt · 0Operation Olympic Gamesapt · 0Operation SalmonSlalomapt · 0
Tecnicas MITRE
T1071.001, T1133, T1082, T1078
Tipo
apt
Pais origen
CN
Motivacion
-
Impacto
5
Actualizado
Sat, 11 Ma

Sectores objetivo (SOCRadar)

Betting