Tonto TeamTonto Team

Also known as: Tonto Team · CactusPete · KARMA PANDA · BRONZE HUNTLEY · COPPER · Red Beifang · G0131 · PLA Unit 65017 · Earth Akhlut · TAG-74

Known aliases
10

Profile

Tonto Team is a Chinese-speaking APT group that has been active since at least 2013. They primarily target military, diplomatic, and infrastructure organizations in Asia and Eastern Europe. The group has been observed using various malware, including the Bisonal RAT and ShadowPad. They employ spear-phishing emails with malicious attachments as their preferred method of distribution.

Aliases· 10

Tonto TeamCactusPeteKARMA PANDABRONZE HUNTLEYCOPPERRed BeifangPLA Unit 65017Earth AkhlutTAG-74
G0131

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
APT12
Actor
APT27
Actor
APT17
Actor
APT31
Actor
APT3
Actor
APT15
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.