"APT40 has previously targeted organizations in various countries, including Australia and the United States," the agencies said. "Notably, APT40 possesses the ability to quickly transform and adapt vulnerability proofs-of-concept (PoCs) for targeting, reconnaissance, and exploitation operations."
The adversarial collective, also known as Bronze Mohawk, Gingham Typhoon (formerly Gadolinium), ISLANDDREAMS, Kryptonite Panda, Leviathan, Red Ladon, TA423, and TEMP.Periscope, is known to be active since at least 2011, carrying out cyber attacks targeting entities in the Asia-Pacific region. It's assessed to be based in Haikou.