Home/ Threat Actors/ DragonOK

🌐DragonOK

🌐 DragonOK is a tracked threat actor in the Clankerusecase corpus. ??-aligned. Primary motivation: Unknown. We map 0 detection use cases to this actor across 0 MITRE ATT&CK techniques, with 0 threat-intel articles citing them.

View full actor card → All threat actors MITRE ATT&CK group spec (G0017) ↗

0Use cases

0Articles

0Techniques

0IOCs

About this actor (MITRE)

[DragonOK](https://attack.mitre.org/groups/G0017) is a threat group that has targeted Japanese organizations with phishing emails. Due to overlapping TTPs, including similar custom tools, [DragonOK](https://attack.mitre.org/groups/G0017) is thought to have a direct or indirect relationship with the threat group [Moafee](https://attack.mitre.org/groups/G0002). (Citation: Operation Quantum Entanglement) It is known to use a variety of malware, including Sysget/HelloBridge, PlugX, PoisonIvy, FormerFirstRat, NFlog, and NewCT. (Citation: New DragonOK)

Known aliases

DragonOK

Detection use cases

No use cases yet — this actor is in the catalogue but no UC has been authored or auto-generated for them. Check the main Threat Actors tab for live updates.