Comment Panda

Threat Actor updated 4 months ago (2024-05-04T18:24:52.760Z)
Comment Panda, also known as Sneaky Panda, Comment Crew, and APT1, is a threat actor associated with Unit 61398 of the People's Liberation Army in China. The term "threat actor" refers to a human entity that executes actions with malicious intent, which could be an individual, a private company, or part of a government entity. In the cybersecurity industry, naming conventions for these entities vary widely, leading to multiple aliases for a single group.

The association of Comment Panda with malicious cyber activities was first revealed by Mr. Alperovitch in 2011, while he was still working at McAfee. At the time, he identified Comment Panda (or Comment Crew) operating alongside another threat actor known as Elderwood. This identification marked a significant step in understanding and tracking the activities of this particular threat group.

Comment Panda, or APT1, has since been recognized as a significant cybersecurity threat, particularly linked to state-sponsored cyber espionage from China. Numerous cyber attacks around the world have been attributed to it, primarily targeting intellectual property and sensitive data. Understanding the operations of such threat actors is crucial for developing effective cybersecurity strategies and defenses against potential cyber threats.
Description last updated: 2023-10-10T19:48:28.738Z
Possible Aliases / Cluster overlaps
Cluster overlaps and naming conventions are hard to track across vendors, so here are some possibly overlapping names and profiles you may also want to look at.
ID | Votes | Profile Description
APT1 | 2 | APT1, also known as Unit 61398 or Comment Crew, is a notorious cyber-espionage group believed to be part of China's People's Liberation Army (PLA) General Staff Department's 3rd Department. This threat actor has been linked with several high-profile Remote Access Trojans (RATs), enabling them to tak
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Source Document References
Information about the Comment Panda Threat Actor was read from the documents corpus below.
Source Link | CreatedAt | Title
MITRE | 2 years ago | Stealing US business secrets: Experts ID two huge cyber 'gangs' in China
Malwarebytes | a year ago | APT attacks: Exploring Advanced Persistent Threats and their evasive techniques