Circuit Panda

Threat Actor Profile Updated 13 days ago
Circuit Panda, also known as BlackTech, HUAPI, Manga Taurus, Palmerworm, Red Djinn, and Temp.Overboard, is a significant threat actor with a history of operating against targets in East Asia, particularly Taiwan, Japan, and Hong Kong since at least 2007. This group is part of a constellation of advanced persistent threat (APT) groups that have used the infrastructure of certain service providers for their operations over the years. These APT groups are often state-sponsored and tied to governments known for supporting or conducting cyberattacks and espionage, such as Iran, China, Russia, and North Korea. In China's case, APT10 and Circuit Panda are two notable groups.

Cloudzy, a service provider, has been found by Halcyon to have its infrastructure used by at least 17 state-sponsored APT groups over the past several years. This includes groups like Elfin from Iran, Nobelium from Russia, BlueNoroff from North Korea, and notably, APT10 and Circuit Panda from China. The use of service providers' infrastructure by these groups indicates a sophisticated level of operation, leveraging existing systems to execute their malicious activities.

Recently, U.S. and Japanese cybersecurity agencies published a detailed advisory on an advanced attack centered on the activities of the BlackTech group, also known as T-APT-03, Circuit Panda, and Palmerworm. This advisory serves as a stark reminder of the ongoing threats posed by these groups. Their activities continue to evolve, requiring constant vigilance and robust cybersecurity measures to mitigate the risks they pose.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Circuit Panda Threat Actor was read from the documents corpus below.
Source (created at): Title
CERT-EU (8 months ago): Cyber Security Today, Sept. 29, 2023 – Protect your routers from this attacker, new open-source malware packages found, and more | IT World Canada News
CERT-EU (9 months ago): Cloud Providers Becoming Key Players in Ransomware, Halcyon Warns
CERT-EU (6 months ago): How to protect corporate routers and firewalls against hacking
CERT-EU (8 months ago): China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies