A well-resourced threat group that initially became known for its attacks against high-profile targets by infiltrating hotel networks. Their toolkit is diverse, and they have, in the past, infected victims’ computers using malicious updates, forged certificates, and spear-phishing. Their cyberespionage campaigns are targeted primarily at top executives from a variety of industries doing business and outsourcing in the APAC region. This is one of the longest-running actors, with activity dating back to 2007.