Asnarök

Also known as: Personal Panda · Asnarök

Profile

Asnarök is a threat actor that exploited CVE-2020-12271 and used a command injection privilege escalation to gain root access to devices and install the Asnarök Trojan. The actor also demonstrated significant changes in TTPs, including the deployment of a web shell that did not reach out to external C2 for commands. X-Ops identified a patient-zero device linked to the attack and observed the use of an IC.sh script that stole local user account data. The actor's activities were linked to a broader pattern of malicious exploit research and targeted vulnerabilities disclosed by bug bounty researchers.

Aliases · 2

Personal Panda · Asnarök

References

  1. https://news.sophos.com/en-us/2024/10/31/pacific-rim-neutralizing-china-based-threat/
  2. https://news.sophos.com/en-us/2024/10/31/pacific-rim-timeline/

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. Tstark (Actor)
  2. TunnelSnake (Actor)
  3. Denim Tsunami (Actor)
  4. UNC2659 (Actor)
  5. APT21 (Actor)
  6. UAT-8616 (Actor)

Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.