Overcast Panda

China

Details

OVERCAST PANDA is a China-nexus targeted intrusion adversary likely active since at least 2019. Previously tracked as the ClearVariable activity cluster, this adversary’s tradecraft is primarily characterized by the use of the unique FlowCloud and LookBack malware implants delivered through a variety of means. Identified OVERCAST PANDA operations to date have primarily focused on entities the U.S....

Objective

  • gkT2ZFmVjKRMdpfhL8sqWEJ

Motivation

  • 0BCvXmFg6do9ntV

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.