UNC3886

Overview

China-nexus espionage actor targeting network edge devices and hypervisors. Exploits zero-days in Fortinet, VMware, and Juniper. Deploys firmware-level implants for persistence.

MITRE ATT&CK Coverage

Recon
Res Dev
Init Access
Execution
Persistence
Priv Esc
Def Evasion
Cred Access
Discovery
Lat Move
Collection
C2
Exfil
Impact
3 of 14 tactics observed

Raw TTPs

Network Edge Exploitation
Zero-Day Usage
Firmware Persistence
Hypervisor Targeting
Custom Rootkits
