Comment Panda

Threat Actor Profile Updated 3 months ago
Comment Panda, also known as Sneaky Panda, Comment Crew, and APT1, is a threat actor associated with Unit 61398 of the People's Liberation Army in China. The term "threat actor" refers to a human entity that acts with malicious intent; it could be an individual, a private company, or part of a government entity. Naming conventions for these entities vary widely across the cybersecurity industry, so a single group can have multiple aliases.

Comment Panda's association with malicious cyber activity was first revealed by Mr. Alperovitch in 2011, while he was still working at McAfee. At the time, he identified Comment Panda (or Comment Crew) operating alongside another threat actor known as Elderwood. This identification marked a significant step in understanding and tracking the group's activities.

Comment Panda, or APT1, has since been recognized as a significant cybersecurity threat, particularly linked to state-sponsored cyber espionage from China. Numerous cyber attacks worldwide have been attributed to it, primarily targeting intellectual property and sensitive data. Understanding the operations of such threat actors is crucial for developing effective cybersecurity strategies and defenses against potential cyber threats.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possibly overlapping names and profiles you may also want to look at.
| ID | Votes | Profile Description |
|---|---|---|
| APT1 | 2 | APT1, also known as Unit 61398 or Comment Crew, is a notorious cyber-espionage group believed to be part of China's People's Liberation Army (PLA) General Staff Department's 3rd Department. This threat actor has been linked with several high-profile Remote Access Trojans (RATs), enabling them to tak |
| Sneaky Panda | 1 | None |
| Elderwood | 1 | Elderwood, also known as the Elderwood Group or the Beijing Group, is a notable threat actor believed to be responsible for numerous high-profile cyber attacks and espionage campaigns. The group's activities date back to at least 2005-2006 and have been linked to various significant incidents, inclu |
| Comment Crew | 1 | Comment Crew, also known as APT1 or Unit 61398, is a significant threat actor attributed to China's People's Liberation Army (PLA) General Staff Department’s 3rd Department. The group has been active since at least 2005-2006, as traced by Mr. Stewart of Dell Secureworks. Among the myriad of Chinese |
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Comment Panda Threat Actor was read from the documents corpus below.
| Source | Created At | Title |
|---|---|---|
| MITRE | a year ago | Stealing US business secrets: Experts ID two huge cyber 'gangs' in China |
| Malwarebytes | a year ago | APT attacks: Exploring Advanced Persistent Threats and their evasive techniques |