Adversary

Wicked Panda

発生地

中国

Community Identifiers

Winnti, Group 72, BARIUM, LEAD, GREF, APT41, TG-2633, BRONZE ATLAS

Wicked Panda は2010年代半ばから2020年代まで活躍している、中国を拠点とした最も大規模で有能な敵対組織のひとつです。

この組織は、犯罪を中心とした活動から、「第13次5カ年計画」や「中国製造2025」イニシアチブで示された中国共産党(CCP)の目標に沿った国家的な標的侵入へと移行しながら、標的の範囲とツール群を継続的に拡大してきました。CrowdStrike Intelligenceチームでは、Wicked Pandaは中国政府の利益のために活動しながらも、犯罪や営利目的の活動にも従事している複数の契約者を含めたグループから構成されていて、中国共産党の幹部から何らかの形で黙認されている可能性が高いと考えています。

Wicked Pandaグループに共通しているのは、Winntiマルウェアを使用している点です。Winntiは2010年に登場して以来何度も改良を重ねられ、現在も開発中のようです。また、ソフトウェアのサプライチェーン攻撃に関連した、普及率の低いShadowPadバックドアも使用しています。Wicked Pandaのオペレータは、CooperLoader、AttachLoader、RouterGod、Proxipなどの他のカスタムローダーやマルウェアを、Cobalt StrikeやMimikatzなどの一般に公開されているマルウェアやエクスプロイト後のツールと組み合わせて使用しています。

Targeted Nations

  • Flag Icon of the country ドイツ

    ドイツ

  • Flag Icon of the country 香港

    香港

  • Flag Icon of the country インド

    インド

  • Flag Icon of the country 日本

    日本

  • Flag Icon of the country 韓国

    韓国

  • Flag Icon of the country 台湾

    台湾

  • Flag Icon of the country 米国

    米国

対象産業

  • 農業
  • 化学
  • 鉱業
  • 観光
  • 産業工学
  • シンクタンク

Artwork

敵対組織:Wicked Panda - 脅威アクター

Crowdstrike Wicked Panda

I have read and accept the terms and conditions

Download

次の敵対組織を見る

Wizard Spider

すべての敵対組織 17

次の敵対組織を見る

Terms and conditions

In order to download the adversary artwork, we kindly request you to accept our terms and conditions displayed below.

This image (“artwork”), is the intellectual property of CrowdStrike, Inc. and its affiliates and licensors (collectively, “us” or “we”) and may include other marks, trademarks, copyrighted materials, and other intellectual property (“assets”) that belong t o us, including, without limitation, CrowdStrike, the CrowdStrike logo, and CrowdStrike Falcon. We retain all right, title and interest in and to the artwork and all assets included therein. This artwork is offered to you as a convenience for your lawful a nd non-commercial use, solely as authorized by us, and subject to your compliance with these terms and conditions (“terms”) and any other guidelines or specifications that we may provide from time to time. We reserve the right to change these terms at any time without prior notice.

You should periodically check the latest information posted herein to be sure that you are in compliance. By downloading the artwork, you attest that you are at least 18 years of age and agree to the following terms, which const itute the sole and entire agreement between you and us with respect to the artwork. We reserve all rights not expressly granted to you herein. You may not use or display the artwork in any way: (i) that violates the rights of any person or entity or that may give rise to civil or criminal liability under laws or regulations applicable to you, another user, and/or CrowdStrike; (ii) that is defamatory, obscene, indecent, abusive, harassing, violent, hateful, inflammatory or otherwise objectionable; (iii) tha t is false, deceptive, misleading or fraudulent, including but not limited to: (a) any attempt to impersonate any person or entity, including any other user, CrowdStrike or a CrowdStrike employee; (b) any attempt to misrepresent your identity or affiliation with any person or organization; or (iv) for the purposes of recruiting, advertising, solicitation or commercial activities of any kind without our express written consent.

THE ARTWORK IS PROVIDED TO YOU BY CROWDSTRIKE ON AN “AS IS” AND “AS AVAILABLE” BA SIS, WITHOUT ANY WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED. EXCEPT TO THE EXTENT THAT A DISCLAIMER OF LIABILITY IS PROHIBITED UNDER APPLICABLE LAW, IN NO EVENT WILL CROWDSTRIKE, ITS AFFILIATES AND ITS LICENSORS, EMPLOYEES, AGENTS, OFFICERS AND DIRE CTORS BE LIABLE FOR DAMAGES OF ANY KIND, UNDER ANY LEGAL THEORY, ARISING OUT OF OR IN CONNECTION WITH YOUR USE, OR INABILITY TO USE, THE ARTWORK.