Mythic Leopard

Threat Actor Profile Updated 23 days ago
Mythic Leopard, also known as Transparent Tribe, APT36, ProjectM, and other identifiers, is a prolific threat actor that has been active since at least 2013. Originating from Pakistan, this group is believed to be fulfilling strategic intelligence requirements for the Pakistani state. The group targets various nations including India, Pakistan, the United States, and the United Kingdom, making it a global cybersecurity concern.

A core component of Mythic Leopard's operations involves creating fake domains that mimic legitimate military and defense organizations. This tactic enables them to conduct effective phishing campaigns and infiltrate their targets' systems, thereby gaining access to sensitive information. Their activities have been consistent over the years, demonstrating their tenacity and adaptability in the face of evolving cybersecurity measures.

In May, CrowdStrike, a leading cybersecurity firm, named Mythic Leopard as its Adversary of the Month. This designation underscores the severity of the threat posed by this group and emphasizes the ongoing need for robust cybersecurity defenses. As Mythic Leopard continues its operations, it remains critical for organizations, particularly those in the targeted nations, to stay vigilant and maintain up-to-date security protocols.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Mythic | 2 | Mythic is a versatile software tool that can be used for various purposes, including potentially as part of a cyber attack. It doesn't host any Payload Types or C2 Profiles in its repository but instead provides a command "./mythic-cli install github [branch name] [-f]" to install agents into a curr
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Crowdstrike
Mythic
Associated Malware
ID | Type | Votes | Profile Description
No associations to display
Associated Threat Actors
ID | Type | Votes | Profile Description
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
No associations to display
Source Document References
Information about the Mythic Leopard Threat Actor was read from the documents corpus below.
Source | Created At | Title
CERT-EU | 3 months ago | Connect the Dots on State-Sponsored Cyber Incidents - Mythic Leopard
MITRE | a year ago | Transparent Tribe: Evolution analysis, part 1 | Securelist
MITRE | a year ago | Transparent Tribe APT expands its Windows malware arsenal
CERT-EU | a year ago | Connect the Dots on State-Sponsored Cyber Incidents - Mythic Leopard
MITRE | a year ago | Adversary: Mythic Leopard - Threat Actor | Crowdstrike Adversary Universe