Cyber Resilience

Threat actor · all actors

UNC3886G1048 state

🇨🇳 CN

aka UNC3886

Last updated: 2026-07-03

0attributed CVEs
63ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[UNC3886](https://attack.mitre.org/groups/G1048) is a China-nexus cyberespionage group that has been active since at least 2022, targeting defense, technology, and telecommunication organizations located in the United States and the Asia-Pacific-Japan (APJ) regions. [UNC3886](https://attack.mitre.org/groups/G1048) has displayed a deep understanding of edge devices and virtualization technologies through the exploitation of zero-day vulnerabilities and the use of novel malware families and utilities.(Citation: Mandiant Fortinet Zero Day)(Citation: Google Cloud Threat Intelligence VMWare ESXi Zero-Day 2023)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
SI-438 / 6360%
CM-632 / 6351%
CM-231 / 6349%
AC-328 / 6344%
SI-327 / 6343%
CA-725 / 6340%
AC-624 / 6338%
SI-724 / 6338%
AC-223 / 6337%
CM-721 / 6333%
AC-516 / 6325%
IA-216 / 6325%
CM-515 / 6324%
RA-513 / 6321%
SC-713 / 6321%

Co-occurring actors

None.

Similar actors

Similar TTPs

Same nation-state