SongXY is a threat actor. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does SongXY exploit?

Specific CVE exploitation data for SongXY is being tracked. Check the Strobes VI threat actor profile for updates.

SongXY

Exploited CVEs

Overview

SongXY is a Chinese APT group that employs phishing tactics to initiate cyberespionage campaigns. They utilize the Royal Road RTF builder, exploiting the CVE-2018-0798 vulnerability in Microsoft Equation Editor. In one instance, they sent a document containing a link to an attacker-controlled server, which automatically triggered upon opening, allowing them to gather information about the target's system configuration.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database