Names | Vicious Panda (Check Point) Bronze Dudley (SecureWorks) | |
Country | China | |
Motivation | Information theft and espionage | |
First seen | 2015 | |
Description | (Check Point) Check Point Research discovered a new campaign against the Mongolian public sector, which takes advantage of the current Coronavirus scare, in order to deliver a previously unknown malware implant to the target. A closer look at this campaign allowed us to tie it to other operations which were carried out by the same anonymous group, dating back to at least 2016. Over the years, these operations targeted different sectors in multiple countries, such as Ukraine, Russia, and Belarus. | |
Observed | Sectors: Government. Countries: Belarus, Mongolia, Russia, Ukraine. | |
Tools used | 8.t Dropper, BBSRAT, Byeby, Cmstar, Enfal, Pylot. | |
Operations performed | Aug 2015 | Digital Quartermaster Scenario Demonstrated in Attacks Against the Mongolian Government <https://unit42.paloaltonetworks.com/digital-quartermaster-scenario-demonstrated-in-attacks-against-the-mongolian-government/> |
Jun 2017 | Threat Actors Target Government of Belarus Using CMSTAR Trojan <https://unit42.paloaltonetworks.com/unit42-threat-actors-target-government-belarus-using-cmstar-trojan/> | |
Mar 2020 | Vicious Panda: The COVID Campaign Check Point Research discovered a new campaign against the Mongolian public sector, which takes advantage of the current Coronavirus scare, in order to deliver a previously unknown malware implant to the target. <https://research.checkpoint.com/2020/vicious-panda-the-covid-campaign/> | |
Information | <https://research.checkpoint.com/2020/vicious-panda-the-covid-campaign/> |
Last change to this card: 07 January 2021
Download this actor card in PDF or JSON format
Previous: Venom Spider, Golden Chickens
Next: Viking Spider
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |