|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:activeYearsStart
|
2012
|
|
gptkbp:alsoKnownAs
|
RedDelta
TA416
|
|
gptkbp:area
|
gptkb:Europe
gptkb:Hong_Kong
gptkb:Mongolia
gptkb:Southeast_Asia
gptkb:Taiwan
gptkb:United_States
|
|
gptkbp:associatedWith
|
gptkb:APT41
gptkb:APT27
|
|
gptkbp:connectsTo
|
Chinese government interests
|
|
gptkbp:countryOfOrigin
|
gptkb:China
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Mustang Panda
|
|
gptkbp:infrastructure
|
compromised websites
legitimate cloud services
custom C2 servers
|
|
gptkbp:language
|
gptkb:Chinese
|
|
gptkbp:mainActivity
|
cybercrime
|
|
gptkbp:notableOperation
|
attacks on European diplomatic entities
attacks on Mongolian government
attacks on Vatican
attacks on telecommunications in Southeast Asia
|
|
gptkbp:reportsTo
|
gptkb:Kaspersky
gptkb:Cisco_Talos
gptkb:ESET
gptkb:Mandiant
gptkb:Proofpoint
gptkb:Check_Point
gptkb:Secureworks
gptkb:Recorded_Future
|
|
gptkbp:target
|
gptkb:NGOs
think tanks
government organizations
religious organizations
telecommunications sector
|
|
gptkbp:technique
|
malicious attachments
spear phishing
watering hole attacks
|
|
gptkbp:usesLureTheme
|
gptkb:COVID-19
religious topics
diplomatic topics
|
|
gptkbp:usesMalware
|
gptkb:China_Chopper
gptkb:PlugX
gptkb:Cobalt_Strike
gptkb:Poison_Ivy
Coreshell
PUBLOAD
TONEINS
TONESHELL
|
|
gptkbp:bfsParent
|
gptkb:PlugX
|
|
gptkbp:bfsLayer
|
7
|