Skip to main content

I’m reaching out to ask if anyone has insights into whether Mandiant has published any Indicators of Compromise (IoCs) for the UNC3886 threat group, particularly those linked to campaigns originating from or targeting Singapore.

We’re currently assessing risk exposure related to this group and are interested in any published intelligence, reports, or threat data—especially around custom malware, zero-day exploitation, or region-specific activity.

If you're aware of relevant Mandiant publications or datasets (public or available under subscription), I’d greatly appreciate the direction. Also, if anyone can share details about Mandiant's current subscription plans—especially those covering:

  • Real-time IoCs

  • Advanced malware analysis

  • China-nexus espionage reporting

  • Regional threat intelligence

…please let me know.

Happy to jump on a quick call if needed—just drop me a message.

Yes, you can use Google Threat Intelligence to find this information.  Log in to your Google Threat Intelligence account and in the main search bar, enter the threat actor name: UNC3886.

Then to narrow the search to IOCs relevant to Singapore, use GTI's advanced search and filtering capabilities by combining the actor name with the geographical target: “UNC3886” AND “Singapore”. 

The above steps should return the information you are looking for.

I am currently conducting research and analysis on the threat actor UNC3886, and would appreciate your support in confirming the following:

  • How many Indicators of Compromise (IOCs) related to UNC3886 are currently available on the Google Threat Intelligence platform (as of the latest 2025 update)?

  •  Are any of these IOCs specifically associated with targeting Singapore or the broader Southeast Asia region?
    Could you please share the details of your subscription plans for Google Threat Intelligence / Mandiant services?

    • What are the available subscription tiers?

    • Is the pricing based on usage, user count, or flat rate?

    • Do you offer any free trials or demo access that I can explore?

  • What payment methods do you accept (e.g., credit card, ACH transfer, invoicing)?

  • Are there any region-specific requirements or limitations for organizations based in Singapore that I should be aware of?

Can you please confirm whether Mandiant and Google Threat Intelligence are the same platform, or if they operate separately? If separate, how is the data differentiated between them?

For more information on our Threat Intel products please review https://cloud.google.com/security/products/threat-intelligence

You may also want to take a look at our intel Blog https://cloud.google.com/blog/topics/threat-intelligence

For specific information on how to purchase please contact your sales team or partner.

Reply


Terms & ConditionsCookie settings
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.