SYMBOLCOMMON_NAMEaka. SYNONYMS

GOBLIN PANDA  (Back to overview)

aka: Conimes, Cycldek

Goblin Panda is one of a handful of elite Chinese advanced persistent threat (APT) groups. Most Chinese APTs target the United States and NATO, but Goblin Panda focuses primarily on Southeast Asia.


Associated Families

There are currently no families associated with this actor.


References
2022-05-31ThalesThales
@techreport{thales:20220531:cyber:de29b9b, author = {Thales}, title = {{Cyber Threat Handbook 2002}}, date = {2022-05-31}, institution = {Thales}, url = {https://cyberthreat.thalesgroup.com/sites/default/files/2022-05/THALES%20THREAT%20HANDBOOK%202022%20Light%20Version_1.pdf}, language = {English}, urldate = {2022-08-26} } Cyber Threat Handbook 2002
GOBLIN PANDA Thrip
2020-06-03Kaspersky LabsGReAT, Mark Lechtik, Giampaolo Dedola
@online{great:20200603:cycldek:ed9a830, author = {GReAT and Mark Lechtik and Giampaolo Dedola}, title = {{Cycldek: Bridging the (air) gap}}, date = {2020-06-03}, organization = {Kaspersky Labs}, url = {https://securelist.com/cycldek-bridging-the-air-gap/97157/}, language = {English}, urldate = {2020-06-03} } Cycldek: Bridging the (air) gap
8.t Dropper NewCore RAT PlugX USBCulprit GOBLIN PANDA Hellsing
2020-03-04CrowdStrikeCrowdStrike
@techreport{crowdstrike:20200304:2020:818c85f, author = {CrowdStrike}, title = {{2020 CrowdStrike Global Threat Report}}, date = {2020-03-04}, institution = {CrowdStrike}, url = {https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf}, language = {English}, urldate = {2020-07-24} } 2020 CrowdStrike Global Threat Report
MESSAGETAP More_eggs 8.t Dropper Anchor BabyShark BadNews Clop Cobalt Strike CobInt Cobra Carbon System Cutwail DanaBot Dharma DoppelDridex DoppelPaymer Dridex Emotet FlawedAmmyy FriedEx Gandcrab Get2 IcedID ISFB KerrDown LightNeuron LockerGoga Maze MECHANICAL Necurs Nokki Outlook Backdoor Phobos Predator The Thief QakBot REvil RobinHood Ryuk SDBbot Skipper SmokeLoader TerraRecon TerraStealer TerraTV TinyLoader TrickBot Vidar Winnti ANTHROPOID SPIDER APT23 APT31 APT39 APT40 BlackTech BuhTrap Charming Kitten CLOCKWORK SPIDER DOPPEL SPIDER FIN7 Gamaredon Group GOBLIN PANDA MONTY SPIDER MUSTANG PANDA NARWHAL SPIDER NOCTURNAL SPIDER PINCHY SPIDER SALTY SPIDER SCULLY SPIDER SMOKY SPIDER Thrip VENOM SPIDER VICEROY TIGER
2018-11-01FortinetFortiGuard SE Team
@online{team:20181101:cta:d0c6bde, author = {FortiGuard SE Team}, title = {{CTA Adversary Playbook: Goblin Panda}}, date = {2018-11-01}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/cta-security-playbook--goblin-panda.html}, language = {English}, urldate = {2020-01-08} } CTA Adversary Playbook: Goblin Panda
GOBLIN PANDA Hellsing
2018-08-29CrowdStrikeAdam Meyers
@online{meyers:20180829:meet:ceb250f, author = {Adam Meyers}, title = {{Meet CrowdStrike’s Adversary of the Month for August: GOBLIN PANDA}}, date = {2018-08-29}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-august-goblin-panda/}, language = {English}, urldate = {2019-12-20} } Meet CrowdStrike’s Adversary of the Month for August: GOBLIN PANDA
GOBLIN PANDA Hellsing

Credits: MISP Project