# menuPass 🐼

# Adversary Overview

Active since at least 2006, menuPass (aka APT10) is a threat group believed to be sponsored by the Chinese Ministry of State Security (MSS). The group has focused on the exfiltration of sensitive data in support of Chinese national security objectives. menuPass has targeted the aerospace, construction, engineering, government, and telecommunications sectors primarily in the US, Europe, Japan, and other parts of Southeast Asia. The group is known for orchestrating Operation Cloud Hopper, a global espionage campaign discovered in 2016 and 2017 that involved the sustained exploitation of MSPs. In December 2018, the US DOJ filed criminal charges against two menuPass members in connection to the group’s activities.

# Key Adversary Report References

Source ID	Report Links
1	APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign
2	What We Can Do against the Chaotic A41APT Campaign
3	A41APT case
4	APT10: Tracking down the stealth activity of the A41APT campaign
5	Japan-Linked Organizations Targeted in Long-Running and Sophisticated Attack Campaign
6	Earth Tengshe」によるマルウェア「SigLoader」を用いた攻撃キャンペーンの解説
7	緊急レポート】Microsoft社のデジタル署名ファイルを悪用する「SigLoader」による標的型攻撃を確認
8	Threat Spotlight: MenuPass/QuasarRAT Backdoor
9	深度剖析針對臺灣金融業的 Operation Cache Panda 組織型供應鏈攻擊
10	Uncovering New Activity By APT10
11	UNCOVERING NEW ACTIVITY BY APT10
12	APT Threat Landscape in Japan 2020