Numbered Panda

Threat Actor updated a month ago (2024-11-29T14:04:07.468Z)
Download STIX
Preview STIX
Numbered Panda, also known by several other names such as DYNCALC, IXESHE, JOY RAT, and APT-12, is a threat actor based in China. This entity is notorious for executing actions with malicious intent, targeting a wide range of victims including media outlets, high-tech companies, and various government organizations. The group has been involved in numerous high-profile cyber attacks, demonstrating its ability to penetrate complex security systems and exploit sensitive data. This week, we have identified several indicators associated with Numbered Panda's activities. Among the most notable are the alerts pertaining to three variants of the Joy RAT malware. These alerts were triggered by specific content patterns in TCP traffic from client networks to external networks, suggesting active or attempted intrusions. In addition, it was observed that Numbered Panda often uses blogs or WordPress in their command-and-control (C2) infrastructure, a strategy that helps camouflage their network traffic and make it appear more legitimate. Historically, Numbered Panda has targeted organizations involved in time-sensitive operations, filling intelligence gaps in critical situations. For instance, during the Fukushima Reactor Incident of 2011, the group likely sought to gather information about ground cleanup and mitigation operations. Given their past activities and ongoing threats, it is crucial to remain vigilant and ensure robust cybersecurity measures are in place to counteract potential attacks from this adversary.
Description last updated: 2024-05-04T16:11:36.388Z
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the Numbered Panda Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
MITRE
2 years ago