From be7450494e73d5e657d7503d63f532f14c1debf9 Mon Sep 17 00:00:00 2001 From: Thomas Dupuy Date: Thu, 17 Nov 2022 20:19:32 +0000 Subject: [PATCH] Add Evasive Panda Threat Actor --- clusters/threat-actor.json | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index ec2f959..1fedd0a 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -9894,7 +9894,37 @@ ], "uuid": "8134c96d-d6ed-49cc-99d6-fe74c0636387", "value": "GOLD PRELUDE" + }, + { + "description": "Evasive Panda is an APT group that has been active since at least 2012, conducting cyberespionage targeting individuals, government institutions and organizations.", + "meta": { + "attribution-confidence": "50", + "cfr-suspected-state-sponsor": "China", + "cfr-suspected-victims": [ + "Hong Kong", + "India", + "Malaysia", + "Taiwan" + ], + "cfr-target-category": [ + "Government", + "Individuals", + "Universities" + ], + "cfr-type-of-incident": "Espionage", + "country": "CN", + "refs": [ + "https://blog.malwarebytes.com/threat-analysis/2020/07/chinese-apt-group-targets-india-and-hong-kong-using-new-variant-of-mgbot-malware/", + "https://vb2020.vblocalhost.com/uploads/VB2020-43.pdf", + "https://www.virusbulletin.com/virusbulletin/2014/02/needle-haystack" + ], + "synonym": [ + "BRONZE HIGHLAND" + ] + }, + "uuid": "171d0590-be92-443f-addb-af5dc2a8034d", + "value": "Evasive Panda" } ], - "version": 252 + "version": 253 }