Skip to main content

Threat actor · G0050

APT32

MITRE profile

Also known as SeaLotus, OceanLotus, APT-C-00, Canvas Cyclone, BISMUTH.

APT32 is a suspected Vietnam-based threat group that has been active since at least 2014. The group has targeted multiple private sector industries as well as foreign governments, dissidents, and journalists with a strong focus on Southeast Asian countries like Vietnam, the Philippines, Laos, and Cambodia. They have extensively used strategic web compromises to compromise victims.

ATT&CK techniques

78 mapped
T1003T1003.001T1012T1016T1018T1021.002T1027.010T1027.011T1027.013T1027.016T1033T1036T1036.003T1036.004T1036.005T1041T1046T1047T1048.003T1049T1053.005T1055T1056.001T1059T1059.001T1059.003T1059.005T1059.007T1068T1070.004T1070.006T1071.001T1071.003T1072T1078.003T1082T1083T1087.001T1102T1105T1112T1135T1137T1189T1203T1204.001T1204.002T1216.001T1218.005T1218.010T1218.011T1222.002T1505.003T1543.003T1547.001T1550.002T1550.003T1552.002T1560T1564.001T1564.003T1564.004T1566.001T1566.002T1569.002T1570T1571T1574.001T1583.001T1583.006T1585.001T1588.002T1589T1589.002T1598.003T1608.001T1608.004T1685.005