CN

Vicious PandaVicious Panda

Also known as: SixLittleMonkeys · Vicious Panda

Origin
CN
Known aliases
2

Profile

Check Point Research discovered a new campaign against the Mongolian public sector, which takes advantage of the current Coronavirus scare, in order to deliver a previously unknown malware implant to the target. A closer look at this campaign allowed us to tie it to other operations which were carried out by the same anonymous group, dating back to at least 2016. Over the years, these operations targeted different sectors in multiple countries, such as Ukraine, Russia, and Belarus.

Aliases· 2

SixLittleMonkeysVicious Panda

Known victims· 4

  • Belarus
  • Russia
  • Mongolia
  • Ukraine

References

  1. https://securelist.com/microcin-is-here/97353
  2. https://securelist.com/a-simple-example-of-a-complex-cyberattack/82636
  3. https://decoded.avast.io/luigicamastra/apt-group-planted-backdoors-targeting-high-profile-networks-in-central-asia
  4. https://www.welivesecurity.com/2020/05/14/mikroceen-spying-backdoor-high-profile-networks-central-asia
  5. https://research.checkpoint.com/2020/vicious-panda-the-covid-campaign
  6. https://unit42.paloaltonetworks.com/unit42-threat-actors-target-government-belarus-using-cmstar-trojan
  7. https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/07170759/Microcin_Technical_4PDF_eng_final_s.pdf
  8. https://securelist.com/apt-trends-report-q2-2019/91897

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
MUSTANG PANDA
Actor
BIG PANDA
Actor
LIMINAL PANDA
Actor
GOBLIN PANDA
Actor
TEMPER PANDA
Actor
POISONUS PANDA
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.