Envoy Panda

China

Details

ENVOY PANDA is a China-nexus targeted intrusion adversary active since 2011. The adversary consistently targets Africa- and Middle East-based government entities—particularly in the diplomatic space—and leverages malware families such as Turian, PlugX, and Smanager in cyberespionage operations. ENVOY PANDA’s operational security posture has improved over time; the adversary now leverages obfusc...


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.