CNChinaconfidence: 75

GOBLIN PANDAGOBLIN PANDA

Also known as: Conimes · Cycldek · GOBLIN PANDA

Origin
CN
Known aliases
3
Target sectors
1
Attribution
State-sponsored

Profile

GOBLIN PANDA is a Chinese-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). The group is also tracked as Conimes, Cycldek. Operational targeting focuses on the Private Sector sector. Documented victim organisations include Malaysia, India, Indonesia and 5 other named victims. Original record: Goblin Panda is one of a handful of elite Chinese advanced persistent threat (APT) groups. Most Chinese APTs target the United States and NATO, but Goblin Panda focuses primarily on Southeast Asia.

Aliases· 3

ConimesCycldekGOBLIN PANDA

Target sectors· 1

Private Sector

Known victims· 8

  • Malaysia
  • India
  • Indonesia
  • Japan
  • Philippines
  • Southeast Asia
  • South Korea
  • Vietnam

References

  1. https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-august-goblin-panda/
  2. https://securelist.com/cycldek-bridging-the-air-gap/97157/
  3. https://www.fortinet.com/blog/threat-research/cta-security-playbook--goblin-panda.html
  4. https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf
  5. https://cyberthreat.thalesgroup.com/sites/default/files/2022-05/THALES%20THREAT%20HANDBOOK%202022%20Light%20Version_1.pdf

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
PREDATOR PANDA
Actor
BIG PANDA
Actor
GIBBERISH PANDA
Actor
POISONUS PANDA
Actor
SAMURAI PANDA
Actor
TOXIC PANDA
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.