APT32
G00501 reportsaliases · APT32 · SeaLotus · OceanLotus · APT-C-00 · Canvas Cyclone · BISMUTH
1
Reports
0
Techniques
0
Tactics
0
Countries
n/a
Hunt coverage
6
Aliases
Analyst assessment — key judgments
- Activity declining: 0 report(s) in last 30d vs 1 prior (-100%).
- Assessment confidence: n/a.
Activity & trend
DecliningLast 30d: 0 vs 1 prior (-100%)· first reported 2026-06-11 · last 2026-06-11
0
7d
0
30d
1
90d
1
All
0.1
Rpts/wk
Reporting timeline · 12 months
Overview
Analyst triage
Intelligence summary
APT32 is a suspected Vietnam-based threat group that has been active since at least 2014. The group has targeted multiple private sector industries as well as foreign governments, dissidents, and journalists with a strong focus on Southeast Asian countries like Vietnam, the Philippines, Laos, and Cambodia. They have extensively used strategic web compromises to compromise victims.(Citation: FireEye APT32 May 2017)(Citation: Volexity OceanLotus Nov 2017)(Citation: ESET OceanLotus)
Top co-occurring indicators
Aliases & naming
Targeting · countries
Targeting · named victims
ATT&CK technique matrix
Coverage vs hunt library:
—
Hunt-coverage gaps — prioritized
Top techniques by observation
- No ATT&CK techniques associated yet.
Threat catalogue · engineering roadmap
Flagged detection-engineering queue
Uncovered techniques you flagged for hunt / detection build-out, aggregated across every actor you visit. Stored locally in your browser.
Infrastructure
IOC type mix
Tooling / malware families
Relationships
Activity
30-day mention timeline
Recent reporting
| Title | Source | Severity | Collected |
|---|