Threat actor · all actors
ConfuciusG0142 unknown
aka Confucius, Confucius APT
Last updated: 2026-07-03
0attributed CVEs
28ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
—years active
About this actor
[Confucius](https://attack.mitre.org/groups/G0142) is a cyber espionage group that has primarily targeted military personnel, high-profile personalities, business persons, and government organizations in South Asia since at least 2013. Security researchers have noted similarities between [Confucius](https://attack.mitre.org/groups/G0142) and [Patchwork](https://attack.mitre.org/groups/G0040), particularly in their respective custom malware code and targets.(Citation: TrendMicro Confucius APT Feb 2018)(Citation: TrendMicro Confucius APT Aug 2021)(Citation: Uptycs Confucius APT Jan 2021)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
SI-4 | 21 / 28 | 75% |
CM-2 | 18 / 28 | 64% |
CM-6 | 18 / 28 | 64% |
SI-3 | 18 / 28 | 64% |
CA-7 | 16 / 28 | 57% |
SC-7 | 15 / 28 | 54% |
AC-4 | 14 / 28 | 50% |
CM-7 | 13 / 28 | 46% |
CM-8 | 10 / 28 | 36% |
SI-7 | 10 / 28 | 36% |
AC-6 | 9 / 28 | 32% |
RA-5 | 9 / 28 | 32% |
SI-2 | 9 / 28 | 32% |
AC-2 | 8 / 28 | 29% |
AC-3 | 8 / 28 | 29% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- LazyScripter 0.41
- Molerats 0.39
- Rancor 0.38
- Sidewinder 0.37
- Inception 0.35