2attributed CVEs
12ATT&CK techniques
6.4IDF score (tooling uniqueness)
0exclusive CVEs
2026years active
About this actor
[IndigoZebra](https://attack.mitre.org/groups/G0136) is a suspected Chinese cyber espionage group that has been targeting Central Asian governments since at least 2014.(Citation: HackerNews IndigoZebra July 2021)(Citation: Checkpoint IndigoZebra July 2021)(Citation: Securelist APT Trends Q2 2017)
Source: MITRE ATT&CK
Activity timeline
- 2026 — 2 CVE published
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
CVE-2026-31635 | 5.5 | 7.5 | 0.0082 | 2026-04-24 | see CVE |
CVE-2026-45585 | 3.5 | 6.8 | 0.0125 | 2026-05-20 | see CVE |
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
AC-4 | 5 / 12 | 42% |
CA-7 | 5 / 12 | 42% |
CM-2 | 5 / 12 | 42% |
CM-6 | 5 / 12 | 42% |
SC-7 | 5 / 12 | 42% |
SI-3 | 5 / 12 | 42% |
SI-4 | 5 / 12 | 42% |
SC-44 | 4 / 12 | 33% |
SI-8 | 4 / 12 | 33% |
CM-7 | 3 / 12 | 25% |
SI-2 | 3 / 12 | 25% |
IA-9 | 2 / 12 | 17% |
SC-20 | 2 / 12 | 17% |
SI-10 | 2 / 12 | 17% |
SI-7 | 2 / 12 | 17% |
Co-occurring actors
- Operation Dream Job 2 shared CVEs
- Threat Group-3390 2 shared CVEs
Similar actors
Similar TTPs
- Ferocious Kitten 0.53
- APT30 0.33
- DarkHydrus 0.33
- BITTER 0.31
- Star Blizzard 0.30
Overlapping CVEs
- Operation Dream Job 0.67
- Threat Group-3390 0.40
Active in same years
- Operation Dream Job 1.00
- SolarWinds Compromise 1.00
- C0027 1.00
- SharePoint ToolShell Exploitation 1.00
- Ke3chang 1.00
Same nation-state
- Night Dragon 1.00
- FunnyDream 1.00
- Operation Wocao 1.00
- C0017 1.00
- Cutting Edge 1.00
Same category
- Night Dragon 1.00
- FunnyDream 1.00
- C0011 1.00
- Operation Wocao 1.00
- Operation Dream Job 1.00