Vicious Panda

Description

(Check Point) Check Point Research discovered a new campaign against the Mongolian public sector, which takes advantage of the current Coronavirus scare, in order to deliver a previously unknown malware implant to the target.

A closer look at this campaign allowed us to tie it to other operations which were carried out by the same anonymous group, dating back to at least 2016. Over the years, these operations targeted different sectors in multiple countries, such as Ukraine, Russia, and Belarus.

Names

Name	Name-Giver
Vicious Panda	Check Point
Bronze Dudley	SecureWorks

Country

China

Motivation

Information theft and espionage

First Seen

2015

Observed Sectors

Government

Observed Countries

Tools

Operations

2015-08: Digital Quartermaster Scenario Demonstrated in Attacks Against the Mongolian Government https://unit42.paloaltonetworks.com/digital-quartermaster-scenario-demonstrated-in-attacks-against-the-mongolian-government/
2017-06: Threat Actors Target Government of Belarus Using CMSTAR Trojan https://unit42.paloaltonetworks.com/unit42-threat-actors-target-government-belarus-using-cmstar-trojan/
2020-03: Vicious Panda: The COVID Campaign Check Point Research discovered a new campaign against the Mongolian public sector, which takes advantage of the current Coronavirus scare, in order to deliver a previously unknown malware implant to the target. https://research.checkpoint.com/2020/vicious-panda-the-covid-campaign/

Information

https://research.checkpoint.com/2020/vicious-panda-the-covid-campaign/

Other Information

Uuid

61552e4f-08e1-402c-a482-2d278b33806d

Last Card Change

2021-01-07

Threat Intelligence Garden

Explorer

Vicious Panda

Vicious Panda

Description

Names

Country

Motivation

First Seen

Observed Sectors

Observed Countries

Tools

Operations

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks