APT 16 is a cyber threat group that has been active since at least 2014 and is believed to be associated with the Chinese government.
The group mainly targets organizations in Southeast Asia, especially those related to government, defense, and media sectors.
Some of the aliases for APT 16 are Vixen Panda, EvilPost, and Tailgater Team
History
In 2014, the group compromised the website of the Cambodian Ministry of Foreign Affairs and injected a malicious script that redirected visitors to a phishing site
In 2015, the group targeted the website of the Myanmar President’s Office and inserted a backdoor that allowed them to access sensitive information and execute commands on the server
In 2016, the group launched a spearphishing campaign against journalists and activists in Vietnam, using a fake email from a human rights organization as a lure.
In 2017, the group attempted to infiltrate the network of a Philippine-based think tank that focuses on regional security issues, using a malicious document that exploited a vulnerability in Microsoft Office.