### China-Specific Threats

#### Malware

- **DaVinci (RCSAndroid)**: Android malware targeting Chinese dissidents (Discovered: 2015) - Likely developed by Qihoo 360.

- **HenBox**: Android malware targeting Uighurs and Tibetans (Discovered: 2018).

- **SilkBean**: Android malware used against Tibetans (Discovered: 2013).

- **GoldenEagle**: Android malware used against Tibetans (Discovered: 2015).

- **WUC's Mobile Malware**: Android malware used against Tibetans (Discovered: 2018).

- **PlugX**: Android malware used in targeted attacks (Discovered: 2015).

- **DoubleAgent**: Android malware used for espionage (Discovered: 2017) - Likely developed by Qihoo 360.

- **RedDelta**: Android malware targeting religious minorities (Discovered: 2020).

- **Poison Carp**: iOS malware used against Tibetans (Discovered: 2019).

- **Zitmo**: Android malware targeting activists (Discovered: 2011).

- **Gh0st RAT**: Versatile RAT often used in cyber espionage (Discovered: 2009, mobile variants: N/A).

#### Exploits

- **CVE-2019-2215**: Exploit used by China-linked APT for rooting Android devices (Discovered: 2019).

- **CVE-2020-1805**: Huawei Android exploit (Discovered: 2020) - Developed by Huawei.

- **CVE-2018-8232**: Exploit affecting Windows Mobile, attributed to Chinese APTs (Discovered: 2018).

#### Government or Intelligence Tools

- **Great Firewall**: Internet regulation and surveillance tool, with mobile capabilities (Implemented: 2003).

- **Great Cannon**: DDoS tool used to target foreign websites and potentially mobile services (Discovered: 2015).

- **Golden Shield**: Security and surveillance project with mobile monitoring (Implemented: Early 2000s).

- **SkyNet**: Real-time surveillance system intercepting SMS and calls (Publicly Disclosed: 2015).

- **Fang Binxing's System**: Rumored to have mobile surveillance capabilities (Implemented: Unknown).

- **DragonNet**: Intrusion and surveillance network (Discovered: 2019).

- **Dancing Panda**: Cyber espionage operation targeting various platforms, including mobile (Discovered: 2014).

- **OceanBuffalo**: Suspected China-linked APT with a sophisticated espionage infrastructure, includes mobile targets (Discovered: 2018).

- **Tianwang**: System for monitoring mobile communications for flagged keywords (Implemented: 2013).

- **Elderwood Project**: Set of zero-day exploits and tools targeting mobile devices (Discovered: 2012).

- **SharpPanda**: APT group using spear phishing to target mobile devices (Discovered: 2021).

- **Iron Tiger**: APT group focusing on data theft from mobile devices (Discovered: 2015).

- **APT10 (MenuPass Group)**: Branching out into mobile exploitation (Discovered: 2009, mobile activities: recent years).

- **Winnti Group**: Known for cyber-espionage, targeted mobile platforms in recent years (Discovered: 2011, mobile activities: N/A).

- **Emissary Panda (APT27)**: Highly targeted spear phishing campaigns focusing on mobile targets (Discovered: 2010).

#### Companies Developing Exploits/Malware

- **Qihoo 360**: Known for security products and likely for discovering exploits like DaVinci (RCSAndroid) and DoubleAgent (Founded: 2005).

- **Huawei**: Suspected of building backdoors into its mobile devices, and responsible for CVE-2020-1805 (Founded: 1987).

- **Xiaomi**: Also suspected of having backdoors in its phones (Founded: 2010).

- **Keen Team**: A well-known Chinese hacking team that has created various exploits for mobile platforms (Founded: N/A).

#### Tools for Delivery

- **OceanBuffalo**: Suspected China-linked APT that delivers malware through watering hole attacks on mobile websites (Discovered: 2018).

- **Spring Dragon**: Deploys a wide variety of custom malware and exploits (Discovered: 2017).

- **SharpPanda**: Chinese APT known for spear phishing attacks, including mobile targets (Discovered: 2021).

- **Emissary Panda (APT27)**: Known for its highly targeted spear phishing campaigns, including mobile targets (Discovered: 2010).

- **GREF Team**: Known for distributing Gh0st RAT and other malware via spear phishing and watering hole attacks.