Cyber Resilience

Threat actor · all actors

RockeG0106 unknown

aka Rocke

Last updated: 2026-07-03

0attributed CVEs
50ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[Rocke](https://attack.mitre.org/groups/G0106) is an alleged Chinese-speaking adversary whose primary objective appeared to be cryptojacking, or stealing victim system resources for the purposes of mining cryptocurrency. The name [Rocke](https://attack.mitre.org/groups/G0106) comes from the email address "rocke@live.cn" used to create the wallet which held collected cryptocurrency. Researchers have detected overlaps between [Rocke](https://attack.mitre.org/groups/G0106) and the Iron Cybercrime Group, though this attribution has not been confirmed.(Citation: Talos Rocke August 2018)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
SI-433 / 5066%
CM-631 / 5062%
CM-227 / 5054%
SI-325 / 5050%
AC-323 / 5046%
CA-723 / 5046%
AC-222 / 5044%
AC-622 / 5044%
CM-721 / 5042%
SI-721 / 5042%
AC-517 / 5034%
CM-516 / 5032%
IA-216 / 5032%
SC-712 / 5024%
AC-1711 / 5022%

Co-occurring actors

None.

Similar actors