Uptime Hamster: 15d 4h 14mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza POISONUS PANDA

POISONUS PANDA

0 incidentes 0 paises 0 sectores apt CN Ultimo: -
Ver en IntelTracker → APTTrail →
POISONUS PANDA is a cyber-espionage group suspected of being state-sponsored, primarily targeting government and financial sectors. The group has been active since at least 2014, with operations characterized by customized malware and persistent threats focused on data exfiltration and espionage. While its specific identity can be unclear in open-source reporting, its operational patterns involve spear-phishing campaigns and exploitation of vulnerabilities. This group is distinguished by its consistent use of custom malware, including PlugX and Poison Ivy, in its operations. It has been associated with various 'Panda' designated groups due to shared tactics, techniques, and procedures, though direct aliases for POISONUS PANDA itself are not widely confirmed.

Actores similares

Aquatic Pandaactor · 1Mustang Pandaapt · 1APT27 (Emissary Panda)actor · 1Putter Pandaapt · 1Deep Pandaactor · 1anchor-pandaactor · 1aquatic-pandaactor · 1big-pandaactor · 1electric-pandaactor · 1eloquent-pandaactor · 1
Tecnicas MITRE
T1566.001, T1059, T1071.001, T1105
Tipo
apt
Pais origen
CN
Motivacion
-
Impacto
3
Actualizado
Sat, 03 Se

Sectores objetivo (SOCRadar)

FinancePublic Administration