MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2025-01-18 10:36:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[threat-actors] Add Liminal Panda

Browse source
This commit is contained in:
Mathieu4141 2024-12-20 02:55:34 -08:00
parent 0863ea4794
commit b287cdc866
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
clusters/threat-actor.json
View file

@ -17573,6 +17573,17 @@
},
"uuid": "cbdf8d63-c114-47d5-8f32-f87f365c7c43",
"value": "UNC2465"
},
{
"description": "LIMINAL PANDA is a China-nexus APT that targets telecommunications entities, employing custom malware and publicly available tools for covert access, C2, and data exfiltration. The adversary demonstrates extensive knowledge of telecom networks, utilizing GSM protocols to retrieve mobile subscriber information and call metadata. LIMINAL PANDA exploits trust relationships and security gaps between providers to access core infrastructure, indicating a focus on SIGINT collection rather than financial gain. Their intrusion activity has primarily affected telecom providers in southern Asia and Africa, with potential for broader targeting based on network configurations.",
"meta": {
"country": "CN",
"refs": [
"https://www.crowdstrike.com/en-us/blog/liminal-panda-telecom-sector-threats/"
]
},
"uuid": "e7a64fd7-5d30-47ec-b9f6-8c555e5f319f",
"value": "Liminal Panda"
}
],
"version": 321