UAT-5918 is a threat actor. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does UAT-5918 exploit?

Specific CVE exploitation data for UAT-5918 is being tracked. Check the Strobes VI threat actor profile for updates.

UAT-5918

Exploited CVEs

Overview

UAT-5918 is an APT group that targets entities in Taiwan, primarily in telecommunications, healthcare, and IT sectors, to establish long-term access for information theft. They exploit N-day vulnerabilities in unpatched web and application servers to gain initial access and utilize web shells, credential harvesting tools like Mimikatz and LaZagne, and red-teaming tools for post-compromise activities. UAT-5918 conducts network reconnaissance to pivot across endpoints, harvesting credentials and sensitive data, including database backups. Their operations show significant overlap with other APT groups in terms of TTPs and targeted industries.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database