Mustang Panda’s campaigns frequently use custom loaders for shared malware including Cobalt Strike, Poison Ivy, and Korplug (also known as PlugX).

The executable, as observed in prior Mustang Panda attacks, leverages DLL side-loading to launch a malicious DLL dubbed ...

Mustang Panda, also known as Earth Preta, is an espionage group which primarily targets governments in the Asia Pacific region, including Taiwan, Vietnam and Malaysia. Trend Micro said the group has ...

A cyberespionage threat actor dubbed Mustang Panda hits Europe with a new attack campaign. Read more about it and how to protect yourself from it. Image: Adobe Stock Cisco Talos Intelligence Group ...

How Mustang Panda operates. Mustang Panda’s most used malicious implant is a Trojan program called PlugX and this continues to remain the group’s preferred spying tool.

Mustang Panda is a PRC-funded hacker group responsible for spreading the PlugX malware. Since 2014, the organization used the malware to access thousands of computer systems.

Attribution. We attribute this new backdoor and the campaign to Mustang Panda with high confidence based on the following indicators. We found archives containing samples of MQsTTang in two GitHub ...

Also tracked as TA416, Mustang Panda is known to serve China-aligned interests and has been recently associated with phishing and espionage operations that targeted European diplomats.

Researchers have exposed a Mustang Panda campaign that is taking advantage of the Russia-Ukraine conflict to spread new malware. On March 23, researchers from ESET said that Mustang Panda, a ...

The Chinese APT hacking group "Mustang Panda" has been spotted abusing the Microsoft Application Virtualization Injector utility as a LOLBIN to inject malicious payloads into legitimate processes ...