BRONZE DUDLEY
BRONZE DUDLEY is an espionage-focused threat group assessed with moderate confidence to operate on behalf of China. It has used weaponized RTF documents as an initial infection vector to deploy the PoisonIvy remote access trojan. Observed targeting includes entities in Mongolia; third-party reporting indicates the group may also target other government and commercial organizations in East Asia and potentially more broadly. Known aliases include Temp.Hex, Vicious Panda, and TA428. CTU researchers note potential overlaps with BRONZE PRESIDENT and BRONZE HUNTLEY, but currently track all three as distinct activity clusters.
Know when an actor pivots toward your sector
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Targeting
Who, where, and (when attributed) which flag flies behind the operation. Pulled from open-source reporting and Mallory's analyst review.
Who they target
Sectors the actor has been observed targeting.
- government
- commercial
Associated malware families
1 malware family attributed to this actor across reporting.
Recent activity
1 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
The version that knows your environment.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.