diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 6498302..d0ebb86 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -12511,6 +12511,19 @@ }, "uuid": "aa74d1f3-b294-405b-bb18-3ac1c13560a1", "value": "BadRory" + }, + { + "description": "SharpPanda, an APT group originating from China, has seen a rise in its cyber-attack operations starting from at least 2018. The APT group utilizes spear-phishing techniques to obtain initial access, employing a combination of outdated Microsoft Office document vulnerabilities, novel evasion techniques, and highly potent backdoor malware.", + "meta": { + "country": "CN", + "refs": [ + "https://blog.cyble.com/2023/06/01/sharppanda-apt-campaign-expands-its-arsenal-targeting-g20-nations/", + "https://www.rewterz.com/rewterz-news/rewterz-threat-alert-sharppanda-chinese-apt-group-targets-southeast-asian-government-active-iocs", + "https://research.checkpoint.com/2021/chinese-apt-group-targets-southeast-asian-government-with-previously-unknown-backdoor/" + ] + }, + "uuid": "7133a722-088c-4d5a-b2e0-a1f9915f807d", + "value": "SharpPanda" } ], "version": 292