ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > Aquatic Panda

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link APT group: Aquatic Panda

NamesAquatic Panda (CrowdStrike)
CountryChina China
MotivationInformation theft and espionage
First seen2020
Description(CrowdStrike) AQUATIC PANDA is a China-based targeted intrusion adversary with a dual mission of intelligence collection and industrial espionage. It has likely operated since at least May 2020. AQUATIC PANDA operations have primarily focused on entities in the telecommunications, technology and government sectors. AQUATIC PANDA relies heavily on Cobalt Strike, and its toolset includes the unique Cobalt Strike downloader tracked as FishMaster. AQUATIC PANDA has also been observed delivering njRAT payloads to targets.
ObservedSectors: Government, Technology, Telecommunications.
Tools usedCobalt Strike, Fishmaster, njRAT.
Information<https://www.crowdstrike.com/blog/overwatch-exposes-aquatic-panda-in-possession-of-log-4-shell-exploit-tools/>

Last change to this card: 25 January 2022

Download this actor card in PDF or JSON format

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]