Comment Panda

Threat Actor Profile Updated 25 days ago
Download STIX
Preview STIX
Comment Panda, also known as Sneaky Panda, Comment Crew, and APT1, is a threat actor associated with Unit 61398 of the People's Liberation Army in China. The term "threat actor" refers to a human entity that executes actions with malicious intent, which could be an individual, a private company, or part of a government entity. In the cybersecurity industry, naming conventions for these entities can vary widely, leading to multiple aliases for a single group. The association of Comment Panda with malicious cyber activities was first revealed by Mr. Alperovitch in 2011 while he was still working at McAfee. At the time, he identified Comment Panda (or Comment Crew) operating alongside another threat actor known as Elderwood. This identification marked a significant step in understanding and tracking the activities of this particular threat group. Comment Panda, or APT1, has since been recognized as a significant cybersecurity threat, particularly linked to state-sponsored cyber espionage from China. It is attributed with numerous cyber attacks globally, primarily targeting intellectual property and sensitive data. Understanding the operations of such threat actors is crucial for developing effective cybersecurity strategies and defenses against potential cyber threats.
What's your take? (Question 1 of 0)
23c77c11-9094-4a77-80e3-9a4b22eb4c1c Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
APT1
2
APT1, also known as Unit 61398 or Comment Crew, is a notorious cyber-espionage group believed to be part of China's People's Liberation Army (PLA) General Staff Department's 3rd Department. This threat actor has been linked with several high-profile Remote Access Trojans (RATs), enabling them to tak
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Comment Panda Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
MITRE
a year ago
Stealing US business secrets: Experts ID two huge cyber 'gangs' in China
Malwarebytes
a year ago
APT attacks: Exploring Advanced Persistent Threats and their evasive techniques