China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration

October 2, 2024 at 12:15PM CeranaKeeper, a new threat actor, has been conducting data exfiltration attacks in Southeast Asia, targeting countries like Thailand, Myanmar, the Philippines, Japan, and Taiwan. Utilizing backdoors through legitimate cloud and file-sharing services, the group demonstrates a relentless and creative approach, with an extensive custom toolset for massive data siphoning. ESET …

Python-Based Malware Slithers Into Systems via Legit VS Code

October 2, 2024 at 11:24AM Mustang Panda, a Chinese APT group, is conducting a cyber-espionage campaign via malicious emails and the use of Visual Studio Code (VS Code) to distribute Python-based malware. Its tactics include establishing remote access to infected machines, exfiltrating data, and employing legitimate entities like GitHub for unauthorized access. Organizations are advised …

Mustang Panda Feeds Worm-Driven USB Attack Strategy

September 10, 2024 at 11:36AM China’s state-sponsored threat actor, Mustang Panda, is utilizing self-propagating malware spread through USB drives and spear-phishing to target various government entities in the Asia-Pacific region. The group’s tactics have evolved to include new vectors for initial entry, with a focus on specific countries and sectors. Trend Micro researchers advise continuous …

Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments

September 10, 2024 at 06:03AM Trend Micro has identified Mustang Panda’s advanced malware tactics, including the propagation of PUBLOAD via HIUPAN, targeting government entities in the APAC region. The cybersecurity firm uncovered the group’s use of multi-stage downloaders and exploitation of Microsoft’s cloud services for data exfiltration. The threat actor’s evolving strategies are concerning for …

Chinese hackers use new data theft malware in govt attacks

September 9, 2024 at 05:30PM Mustang Panda, a China-based cyber espionage group, has been using new strategies and malware to carry out attacks, targeting government and non-government entities mostly in the Asia-Pacific region. The group’s recent activities involve the deployment of new tools such as FDMTP and PTSOCKET to steal information from breached networks. The …

Chinese Cyberspies Targeting ASEAN Entities

March 28, 2024 at 08:12AM Two China-linked cyberespionage groups, Mustang Panda and another unidentified group, have been targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN). The groups have been conducting cyberespionage operations on behalf of the Chinese government, aiming to collect intelligence on geopolitical interests in the region. Based …

Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries

March 27, 2024 at 01:15AM China-linked APT groups have targeted ASEAN member countries in a cyber espionage campaign. Mustang Panda used phishing emails and malware to attack entities during the ASEAN-Australia Special Summit. Trend Micro also uncovered a new threat actor called Earth Krahang targeting 116 entities across 35 countries. Leaked documents from I-Soon revealed …

Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS

February 21, 2024 at 08:15AM Mustang Panda, a China-linked threat actor, has used a variant of the PlugX backdoor called DOPLUGS to target countries in Asia, especially Taiwan and Vietnam. The group is known for well-crafted spear-phishing campaigns and has deployed customized PlugX variants like RedDelta and DOPLUGS since 2018. They also use plugins for …

China-Linked Hackers Target Myanmar’s Top Ministries with Backdoor Blitz

January 30, 2024 at 09:34AM Mustang Panda, a China-based threat actor, is suspected of targeting Myanmar’s Ministry of Defence and Foreign Affairs in two campaigns using backdoors and remote access trojans. The group has been active since 2012 and has targeted Southeast Asian governments and the Philippines. The attacks involve phishing emails, rogue DLLs, and …

Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions

November 21, 2023 at 02:06AM The China-linked cyber espionage group Mustang Panda targeted a Philippines government entity using legitimate software to sideload malicious files. Mustang Panda, also known as Bronze President and other aliases, is a Chinese advanced persistent threat (APT) that has been active since at least 2012. The group has targeted NGOs and …