Turbine Panda

China

Details

CrowdStrike Intelligence tracks TURBINE PANDA in relation to attacks on a number of entities in the defense, aerospace, and manufacturing sectors primarily beginning in 2014. TURBINE PANDA heavily uses the PlugX RAT, popular among China-based targeted intrusion actors, often along with hyphenated C2 domains or domains that are meant to spoof targeted organizations.  TURBINE PANDA operations appear...

Community Identifiers

V8sgDTRkGS93w4Z

Objective

  • PFZXr9whNxdaScKI5fuVlgk
  • wC8Lk4nRXdfDGq1Thi3bWVHrNyg5

Motivation

  • 3uNW48zZJI9dsCE

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Resources

2023 Global Threat Report

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo