This threat actor initially came to our attention in April 2018, leveraging both Western and Chinese Git repositories to deliver malware to honeypot s...

Threat Actor Profile

Rocke

Uses 50 known MITRE ATT&CK techniques.

50 TTPs Mapped Real-Time Alerts

Actor Overview

Known Techniques
50 TTPs

MITRE ATT&CK Techniques

T1071T1071.001T1547T1547.001T1037T1059T1059.004T1059.006T1543T1543.002T1140T1190T1222T1222.002T1564 +35 more

Related Threat Reports

Premium
APT Campaign Analysis - Q4 2025Dec 2025
New Tactics Observed in WildDec 2025
Infrastructure Mapping ReportDec 2025
Stay Updated

Get alerts when new intel on Rocke is published.

Actor Details

Primary Name
Rocke
Known Aliases
Aged Libra
Data Source
Precursor Intelligence
Need API Access?

Integrate threat actor data into your SIEM or SOAR.

View Plans →