Threat actor · all actors
BlackTechG0098 state
🇨🇳 CN
aka BlackTech, Palmerworm
Last updated: 2026-07-03
0attributed CVEs
20ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
—years active
About this actor
[BlackTech](https://attack.mitre.org/groups/G0098) is a suspected Chinese cyber espionage group that has primarily targeted organizations in East Asia--particularly Taiwan, Japan, and Hong Kong--and the US since at least 2013. [BlackTech](https://attack.mitre.org/groups/G0098) has used a combination of custom malware, dual-use tools, and living off the land tactics to compromise media, construction, engineering, electronics, and financial company networks.(Citation: TrendMicro BlackTech June 2017)(Citation: Symantec Palmerworm Sep 2020)(Citation: Reuters Taiwan BlackTech August 2020)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
SI-4 | 15 / 20 | 75% |
CM-6 | 14 / 20 | 70% |
CM-2 | 13 / 20 | 65% |
SI-3 | 13 / 20 | 65% |
CA-7 | 11 / 20 | 55% |
AC-4 | 10 / 20 | 50% |
CM-7 | 10 / 20 | 50% |
SC-7 | 9 / 20 | 45% |
SI-2 | 9 / 20 | 45% |
AC-6 | 7 / 20 | 35% |
SC-44 | 7 / 20 | 35% |
SI-7 | 7 / 20 | 35% |
RA-5 | 6 / 20 | 30% |
SI-10 | 6 / 20 | 30% |
SI-8 | 6 / 20 | 30% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- Ferocious Kitten 0.35
- Elderwood 0.28
- RedDelta Modified PlugX Infection Chain Operations 0.27
- Mofang 0.26
- Whitefly 0.25
Same nation-state
- Night Dragon 1.00
- FunnyDream 1.00
- Operation Wocao 1.00
- C0017 1.00
- Cutting Edge 1.00
Same category
- Night Dragon 1.00
- FunnyDream 1.00
- C0011 1.00
- Operation Wocao 1.00
- Operation Dream Job 1.00