Mythic Leopard

Threat Actor updated a month ago (2024-11-29T14:40:50.551Z)
Download STIX
Preview STIX
Mythic Leopard, also known as Transparent Tribe, APT36, and ProjectM, is a threat actor group likely serving the strategic intelligence requirements of the Pakistani state. The group has been active since at least 2013, demonstrating prolific activity in cyber espionage. The group primarily targets nations such as India, Pakistan, the United States, and the United Kingdom. Their operations often involve creating fake domains that mimic legitimate military and defense organizations, indicating a sophisticated approach to infiltration and data theft. The cybersecurity community has noted overlaps between Mythic Leopard and another group known as Cosmic Leopard. However, as of the current date, there is not enough technical evidence to definitively link these two threat actors. This uncertainty highlights the complex and often opaque nature of cyber threats, where attribution can be challenging due to shared tactics, techniques, and procedures (TTPs) among different groups. Security vendors have variously tracked this group under different names including Transparent Tribe, Operation C-Major, Earth Karkaddan, and Mythic Leopard. CrowdStrike, a leading cybersecurity firm, recognized Mythic Leopard as their "Adversary of the Month" for May, underscoring the significant threat posed by this group. As the landscape of cyber threats continues to evolve, understanding and tracking the activities of groups like Mythic Leopard remains critical for national security and cyber defense.
Description last updated: 2024-11-05T02:02:41.516Z
What's your take? (Question 1 of 2)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
APT36 is a possible alias for Mythic Leopard. APT36, also known as Transparent Tribe, is a Pakistan-based threat actor that has been persistently targeting Indian government organizations, diplomatic personnel, and military facilities. This group has been involved in several malicious campaigns, with the most recent one being tracked by Cisco T
3
Mythic is a possible alias for Mythic Leopard. Mythic is a versatile software tool that can be used for various purposes, including potentially as part of a cyber attack. It doesn't host any Payload Types or C2 Profiles in its repository but instead provides a command "./mythic-cli install github [branch name] [-f]" to install agents into a curr
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Crowdstrike
Mythic
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the Mythic Leopard Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more