NICKEL GLADSTONE is an advanced persistent threat (APT) group that has been active since at least 2014 and targets government agencies, defense contractors, telecommunications companies, and other organizations in the United States, Europe, Asia, Africa, South America, Australia, and New Zealand. The group uses a variety of tactics to gain access to its target networks, including spear-phishing emails, watering hole attacks, and exploitation of software vulnerabilities. Once inside a network, NICKEL GLADSTONE can steal sensitive information such as email accounts, login credentials, and other confidential data. Security researchers have linked the group to the Chinese government because of its use of Chinese-language tools and tactics.
Techniques, tactics and practices:
NICKEL GLADSTONE uses a variety of tactics to gain access to its target networks. Examples include spear-phishing emails, watering hole attacks, and exploitation of software vulnerabilities. Once inside the network, the group can steal sensitive information such as email accounts, login credentials, and other confidential data. The group has also been known to use Chinese-language tools and tactics, which has led some security researchers to link it to the Chinese government.