Group: Deep Panda, Shell Crew, ...

Group
ID: G0009
Aliases: Deep Panda, Shell Crew, WebMasters, KungFu Kittens, PinkPanther, Black Vine

Deep Panda is a suspected Chinese threat group known to target many industries, including government, defense, financial, and telecommunications.[1] The intrusion into healthcare company Anthem has been attributed to Deep Panda.[2] This group is also known as Shell Crew, WebMasters, KungFu Kittens, and PinkPanther.[3] Deep Panda also appears to be known as Black Vine based on the attribution of both group names to the Anthem intrusion.[4]

Alias Descriptions

  • Deep Panda - [1]
  • Shell Crew - [3]
  • WebMasters - [3]
  • KungFu Kittens - [3]
  • PinkPanther - [3]
  • Black Vine - [4]

Techniques Used

  • PowerShell - Deep Panda has used PowerShell scripts to download and execute programs in memory, without writing to disk.[1]
  • Web Shell - Deep Panda uses Web shells on publicly accessible Web servers to access victim networks.[5]
  • Scripting - Deep Panda has used PowerShell scripts to download and execute programs in memory, without writing to disk.[1]

Software