Skip to content

Hide Navigation Hide TOC

GALLIUM (e400b6c5-77cf-453d-ba0f-44575583ac6c)

GALLIUM, is a threat actor believed to be targeting telecommunication providers over the world, mostly South-East Asia, Europe and Africa. To compromise targeted networks, GALLIUM target unpatched internet-facing services using publicly available exploits and have been known to target vulnerabilities in WildFly/JBoss.

Cluster A Galaxy A Cluster B Galaxy B Level
Granite Typhoon (ae4036de-c901-5f21-808a-f5c071ef509b) Microsoft Activity Group actor GALLIUM (e400b6c5-77cf-453d-ba0f-44575583ac6c) Threat Actor 1
GALLIUM (e400b6c5-77cf-453d-ba0f-44575583ac6c) Threat Actor GALLIUM (6085aad0-1d95-11ea-a140-078d42aced40) Microsoft Activity Group actor 1
GALLIUM (e400b6c5-77cf-453d-ba0f-44575583ac6c) Threat Actor Operation Soft Cell (8dda51ef-9a30-48f7-b0fd-5b6f0a62262d) Threat Actor 1
GALLIUM (6085aad0-1d95-11ea-a140-078d42aced40) Microsoft Activity Group actor Operation Soft Cell (8dda51ef-9a30-48f7-b0fd-5b6f0a62262d) Threat Actor 2