Names | Anchor Panda (CrowdStrike) APT 14 (Mandiant) Aluminum (Microsoft) QAZTeam (?) | |
Country | China | |
Sponsor | State-sponsored, PLA Navy | |
Motivation | Information theft and espionage | |
First seen | 2012 | |
Description | (CrowdStrike) Anchor Panda is an adversary that CrowdStrike has tracked extensively over the last year targeting both civilian and military maritime operations in the green/brown water regions primarily in the area of operations of the South Sea Fleet of the PLA Navy. In addition to maritime operations in this region, Anchor Panda also heavily targeted western companies in the US, Germany, Sweden, the UK, and Australia, and other countries involved in maritime satellite systems, aerospace companies, and defense contractors. Not surprisingly, embassies and diplomatic missions in the region, foreign intelligence services, and foreign governments with space programs were also targeted. | |
Observed | Sectors: Aerospace, Defense, Engineering, Government, Industrial and NGOs in the green/brown water regions primarily in the area of operations of the South Sea Fleet of the PLA Navy. Countries: Australia, Germany, Sweden, UK, USA and others. | |
Tools used | Gh0st RAT, Poison Ivy, Torn RAT. | |
Information | <https://www.crowdstrike.com/blog/whois-anchor-panda/> |
Last change to this card: 14 April 2020
Download this actor card in PDF or JSON format
Previous: Subgroup: Scattered Spider
Next: Antlion
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |