APT3 (BORON): A Pioneering China-Aligned Cyber Espionage Group
ID: 7da6a9b5-f0a2-5f2e-9eba-3a57ea76b0ec
STIX ID: report--7da6a9b5-f0a2-5f2e-9eba-3a57ea76b0ec
Feed Name: Brandefense Blog
This profile describes APT3 (BORON) as a China-aligned advanced persistent threat focused on cyber espionage against defense contractors, advanced manufacturing, telecoms and government/policy entities. It covers attribution, strategic goals and detailed TTPs: social engineering, watering-hole attacks, rapid exploitation of disclosed vulnerabilities, custom exploit frameworks, modular loaders, credential theft and robust C2. It also gives a historical timeline, with peak activity from 2012–2016 and reduced visibility after 2017, and defensive takeaways emphasizing patching and detection of legitimate-process abuse.
