THREAT ACTOR: Black Vine

China-backed Black Vine is targeting multiple industries including energy, aerospace and healthcare. The most prominent attack to date from Black Vine occurred when healthcare provider, Anthem, suffered a breach and over 80 million records ended up stolen. That attack came to light when an administrator noticed multiple queries running from the account, but someone else had executed the queries. That discovery of the database queries soon led Anthem to realize it was under attack from an advanced cyber espionage group.

Incidents Associated with this Threat

LnRiLWNvbnRhaW5lciAudGItY29udGFpbmVyLWlubmVye3dpZHRoOjEwMCU7bWFyZ2luOjAgYXV0b30gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWNvbnRhaW5lci50Yi1jb250YWluZXJbZGF0YS10b29sc2V0LWJsb2Nrcy1jb250YWluZXI9Ijg0MzE4NmU1ZjRlNTBmNDlmZWI4OTliYzEyNDA5MjE3Il0geyBwYWRkaW5nOiAyNXB4OyB9IC53cC1ibG9jay10b29sc2V0LWJsb2Nrcy1jb250YWluZXIudGItY29udGFpbmVyW2RhdGEtdG9vbHNldC1ibG9ja3MtY29udGFpbmVyPSI4NDMxODZlNWY0ZTUwZjQ5ZmViODk5YmMxMjQwOTIxNyJdID4gLnRiLWNvbnRhaW5lci1pbm5lciB7IG1heC13aWR0aDogMTAwJTsgfSBAbWVkaWEgb25seSBzY3JlZW4gYW5kIChtYXgtd2lkdGg6IDc4MXB4KSB7IC50Yi1jb250YWluZXIgLnRiLWNvbnRhaW5lci1pbm5lcnt3aWR0aDoxMDAlO21hcmdpbjowIGF1dG99IH0gQG1lZGlhIG9ubHkgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiA1OTlweCkgeyAudGItY29udGFpbmVyIC50Yi1jb250YWluZXItaW5uZXJ7d2lkdGg6MTAwJTttYXJnaW46MCBhdXRvfSB9IA==
May 29, 2015: United Hack Connects To Attack Group

Malware Used by this Threat Actor

No malware identified for this threat actor.

THREAT ACTOR: Black Vine

Incidents Associated with this Threat

Malware Used by this Threat Actor

Pin It on Pinterest