BRONZE SILHOUETTE
Objectives
Aliases
Tools
SUMMARY
BRONZE SILHOUETTE has been active since at least 2021 and primarily targets U.S government and defense organizations for intelligence-gathering purposes. The group exploits vulnerable internet-facing servers to gain initial access and typically deploys a web shell for persistence. BRONZE SILHOUETTE has demonstrated careful consideration for operational security such as the use of living-off-the-land binaries, defense evasion techniques, and compromised infrastructure to prevent detection and attribution of their intrusion activity, and to blend in with legitimate network activity.
CTU researchers assess with moderate confidence that BRONZE SILHOUETTE is operating on behalf the People’s Republic of China. This assessment is based on victimology that aligns with PRC intelligence requirements, and tradecraft overlap with other state-sponsored Chinese threat groups tracked by CTU researchers.
Contactez-nous
Que votre organisation ait besoin d’une assistance immédiate ou que vous souhaitiez discuter de vos besoins en matière de préparation aux incidents, de réponse et de test, contactez-nous directement ci-dessous.