Karma Panda

Threat Actor Profile Updated 24 days ago
Download STIX
Preview STIX
Karma Panda, also known as CactusPete or Tonto Team, is an Advanced Persistent Threat (APT) group that has been active since at least 2013. This threat actor is a highly skilled and well-resourced group that primarily targets organizations in the United States, Europe, and Asia with a focus on government, military, and defense sectors. Karma Panda uses a variety of methods to gain access to their target's network, including spear-phishing, watering hole attacks, and zero-day exploits. One notable attack attributed to Karma Panda occurred in 2015 when the group was suspected of hacking into the US Office of Personnel Management (OPM) and stealing sensitive information on millions of current and former government employees. The breach had significant national security implications and prompted the US government to implement new cybersecurity measures across federal agencies. Since then, Karma Panda has continued to evolve its tactics and techniques, including developing new malware strains and using more sophisticated social engineering tactics. The group remains a significant threat to organizations globally, and cybersecurity experts closely monitor its activities. Organizations must remain vigilant and implement strong security measures to protect themselves from potential Karma Panda attacks.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Karma Panda Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
MITRE
a year ago
CactusPete APT group’s updated Bisonal backdoor