ETDA (Electronic Transactions Development Agency)

Threat Group Cards: A Threat Actor Encyclopedia

APT group: SharpPanda, Sharp Dragon

Names: SharpPanda (Check Point), Sharp Dragon (Check Point)
Country: China
Motivation: Information theft and espionage
First seen: 2018
Description: (Check Point) Check Point Research identified an ongoing surveillance operation targeting a Southeast Asian government. The attackers use spear-phishing to gain initial access and leverage old Microsoft Office vulnerabilities together with the chain of in-memory loaders to attempt and install a previously unknown backdoor on victim’s machines.

Our investigation shows the operation was carried out by what we believe is a Chinese APT group that has been testing and refining the tools in its arsenal for at least 3 years.
Observed sectors: Government.
Observed countries: Indonesia, Malaysia, Thailand, Vietnam and Africa, the Caribbean and Southeast Asia.
Tools used: 8.t Dropper, Cobalt Strike.
Operations performed:
2024: Chinese Espionage Campaign Expands to Target Africa and The Caribbean
Mar 2024: Inside the SharpPanda's Malware Targeting Malaysia

Last change to this card: 19 June 2024

Digital Service Security Center