BRONZE HIGHLAND

Also known as: Evasive Panda · Daggerfly · BRONZE HIGHLAND

Origin: CN
Known aliases: 3

Profile

BRONZE HIGHLAND has been observed using spearphishing as an initial infection vector to deploy the MgBot remote access trojan against targets in Hong Kong. Third-party reporting suggests the threat group also targets India, Malaysia and Taiwan and leverages Cobalt Strike and KsRemote Android Rat. CTU researchers assess with moderate confidence that BRONZE HIGHLAND operates on behalf of China and has a remit covering espionage against domestic human rights and pro-democracy advocates and nations neighbouring China.

Aliases · 3

Evasive Panda · Daggerfly · BRONZE HIGHLAND

Known victims · 6

  • Hong Kong
  • Malaysia
  • India
  • Taiwan
  • Macao
  • Nigeria

References

  1. https://blog.malwarebytes.com/threat-analysis/2020/07/chinese-apt-group-targets-india-and-hong-kong-using-new-variant-of-mgbot-malware
  2. https://vb2020.vblocalhost.com/uploads/VB2020-43.pdf
  3. https://www.youtube.com/watch?v=LeKi0KfzOow&list=PLffioUnqXWkdzWcZXH-bzPVgcs2R4r7iS&index=1&t=2154s
  4. https://www.welivesecurity.com/2023/04/26/evasive-panda-apt-group-malware-updates-popular-chinese-software/

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • Evasive Panda (Actor)
  • BRONZE EDGEWOOD (Actor)
  • BRONZE VAPOR (Actor)
  • BRONZE SPRING (Actor)
  • BRONZE STARLIGHT (Actor)
  • MUSTANG PANDA (Actor)

Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.