216.73.216.82

menuPass

· Published 16/12/2025 19:39 · Modified 27/03/2026 01:13 · Source: The MITRE Corporation

Essential information

Confidence
100/100
Published
16/12/2025 19:39
Modified
27/03/2026 01:13
Updated at
27/03/2026 01:13
Revoked
No
Author / Source
The MITRE Corporation
Resource level
Primary motivation
Related entities
70 attack patterns (mitre), 19 malware, 8 sectors, 2 countries, 61 indicators, 12 tool

Aliases

Cicada POTASSIUM Stone Panda Red Apollo CVNX HOGFISH BRONZE RIVERSIDE APT10

Description

[menuPass](https://attack.mitre.org/groups/G0045) is a threat group that has been active since at least 2006. Individual members of [menuPass](https://attack.mitre.org/groups/G0045) are known to have acted in association with the Chinese Ministry of State Security's (MSS) Tianjin State Security Bureau and worked for the Huaying Haitai Science and Technology Development Company.(Citation: DOJ APT10 Dec 2018)(Citation: District Court of NY APT10 Indictment December 2018) [menuPass](https://attack.mitre.org/groups/G0045) has targeted healthcare, defense, aerospace, finance, maritime, biotechnology, energy, and government sectors globally, with an emphasis on Japanese organizations. In 2016 and 2017, the group is known to have targeted managed IT service providers (MSPs), manufacturing and mining companies, and a university.(Citation: Palo Alto menuPass Feb 2017)(Citation: Crowdstrike CrowdCast Oct 2013)(Citation: FireEye Poison Ivy)(Citation: PWC Cloud Hopper April 2017)(Citation: FireEye APT10 April 2017)(Citation: DOJ APT10 Dec 2018)(Citation: District Court of NY APT10 Indictment December 2018)

Marking (TLP)

TLP:CLEAR Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references

Related entities

Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.