GhostEmperor

Also known as: GhostEmperor · FamousSparrow · UNC2286 · Salt Typhoon · RedMike · OPERATOR PANDA

Profile

GhostEmperor is a Chinese-speaking threat actor that targets government entities and telecom companies in Southeast Asia. They employ a Windows kernel-mode rootkit called Demodex to gain remote control over their targeted servers. The actor demonstrates a high level of sophistication and uses various anti-forensic and anti-analysis techniques to evade detection. They have been active for a significant period of time and continue to pose a threat to their targets.

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor: GhostRedirector
Actor: GhostR
Actor: Unnamed Actor
Actor: Flax Typhoon
Actor: UNC3569
Actor: TEMPER PANDA

Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.