0 attributed CVEs
50 ATT&CK techniques
0.0 IDF score (tooling uniqueness)
0 exclusive CVEs
— years active
About this actor
[Rocke](https://attack.mitre.org/groups/G0106) is an alleged Chinese-speaking adversary whose primary objective appeared to be cryptojacking, or stealing victim system resources for the purposes of mining cryptocurrency. The name [Rocke](https://attack.mitre.org/groups/G0106) comes from the email address "rocke@live.cn" used to create the wallet which held collected cryptocurrency. Researchers have detected overlaps between [Rocke](https://attack.mitre.org/groups/G0106) and the Iron Cybercrime Group, though this attribution has not been confirmed. (Citation: Talos Rocke August 2018)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | | | | | |

T1014, T1018, T1021, T1021.004, T1027, T1027.002, T1027.004, T1036, T1036.005, T1037, T1046, T1053, T1053.003, T1055, T1055.002, T1057, T1059, T1059.004, T1059.006, T1070, T1070.004, T1070.006, T1071, T1071.001, T1082, T1102, T1102.001, T1105, T1140, T1190, T1222, T1222.002, T1496, T1496.001, T1518, T1518.001, T1543, T1543.002, T1547, T1547.001, T1552, T1552.004, T1564, T1564.001, T1571, T1574, T1574.006, T1685, T1685.006, T1686

Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
| SI-4 | 33 / 50 | 66% |
| CM-6 | 31 / 50 | 62% |
| CM-2 | 27 / 50 | 54% |
| SI-3 | 25 / 50 | 50% |
| AC-3 | 23 / 50 | 46% |
| CA-7 | 23 / 50 | 46% |
| AC-2 | 22 / 50 | 44% |
| AC-6 | 22 / 50 | 44% |
| CM-7 | 21 / 50 | 42% |
| SI-7 | 21 / 50 | 42% |
| AC-5 | 17 / 50 | 34% |
| CM-5 | 16 / 50 | 32% |
| IA-2 | 16 / 50 | 32% |
| SC-7 | 12 / 50 | 24% |
| AC-17 | 11 / 50 | 22% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- TeamTNT 0.37
- Tropic Trooper 0.26
- KV Botnet Activity 0.26
- BlackByte 0.23
- BRONZE BUTLER 0.23