Common Information
Type | Value |
---|---|
Value | Evasive Panda |
Category | Actor |
Type | Threat-Actor |
Misp Type | Cluster |
Description | BRONZE HIGHLAND has been observed using spearphishing as an initial infection vector to deploy the MgBot remote access trojan against targets in Hong Kong. Third-party reporting suggests the threat group also targets India, Malaysia and Taiwan and leverages Cobalt Strike and KsRemote Android Rat. CTU researchers assess with moderate confidence that BRONZE HIGHLAND operates on behalf of China and has a remit covering espionage against domestic human rights and pro-democracy advocates and nations neighbouring China. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-08-02 | 36 | August 2024: Latest Malware, Vulnerabilities and Exploits | ||
Details | Website | 2024-07-25 | 59 | How APT groups operate in Southeast Asia | ||
Details | Website | 2024-03-08 | 0 | APT attacks taking aim at Tibetans – Week in security with Tony Anscombe | ||
Details | Website | 2024-03-04 | 96 | Security Incident Weekly Report 2024-03-04, Week 10 | ||
Details | Website | 2024-01-26 | 6 | Risky Biz News: SVR hackers also breached HPE | ||
Details | Website | 2023-09-07 | 35 | My Tea's not cold. An overview of China's cyber threat | ||
Details | Website | 2023-06-12 | 0 | Supply Chain Attack Defense Demands Mature Threat Hunting | ||
Details | Website | 2023-06-09 | 5 | Threat Trend Report on APT Groups – April 2023 - ASEC BLOG | ||
Details | Website | 2023-05-04 | 1 | Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China | ||
Details | Website | 2023-04-29 | 83 | Bluepurple Pulse: week ending April 30th | ||
Details | Website | 2023-04-28 | 15 | Rewterz Threat Alert – QBot Malware Campaign Leveraging Hijacked Business Correspondence – Active IOCs | ||
Details | Website | 2023-04-28 | 2 | Chinese Cyberspies Delivered Malware via Legitimate Software Updates | ||
Details | Website | 2023-04-28 | 15 | Rewterz Threat Alert – Evasive Panda APT Delivers MgBot Malware To Target International NGOs In Mainland China – Active IOCs | ||
Details | Website | 2023-04-27 | 4 | China's 'Evasive Panda' Hijacks Software Updates to Deliver Custom Backdoor | ||
Details | Website | 2023-04-27 | 15 | Rewterz Threat Alert – BluStealer Infostealer aka a310logger – Active IOCs | ||
Details | Website | 2023-04-27 | 4 | Rewterz Threat Alert – An Emerging Fsysna Trojan – Active IOCs | ||
Details | Website | 2023-04-27 | 13 | Rewterz Threat Alert – ZStealer Malware – Active IOCs | ||
Details | Website | 2023-04-27 | 10 | Rewterz Threat Alert – Remcos RAT – Active IOCs | ||
Details | Website | 2023-04-27 | 12 | Rewterz Threat Alert – Bitter APT Group – Active IOCs | ||
Details | Website | 2023-04-27 | 1 | Rewterz Threat Advisory – CVE-2023-20060 – Cisco Prime Collaboration Deployment Vulnerability | ||
Details | Website | 2023-04-27 | 12 | Rewterz Threat Alert – APT-C-35 aka Donot Team – Active IOCs | ||
Details | Website | 2023-04-27 | 3 | Rewterz Threat Advisory – Multiple IBM Products Vulnerabilities | ||
Details | Website | 2023-04-27 | 2 | Rewterz Threat Advisory – CVE-2023-45801 – Apache StreamPark Vulnerability | ||
Details | Website | 2023-04-27 | 1 | Evasive Panda’s Malicious Campaign Exploits Software Update Channels | ||
Details | Website | 2023-04-27 | 2 | Tencent QQ users hacked in mysterious malware attack, says ESET - RedPacket Security |