An APT group dating back to 2012 that utilizes spear-phishing and watering-hole attacks to target high-profile government agencies, political parties, educational institutions and telecommunication organizations, traditionally around the South China Sea. Most of the malicious tools implemented by Spring Dragon over the years are backdoors designed to steal data, execute additional malware components, and run system commands on victim’s computers.