Mustang Panda Targets Philippines Government Using Legitimate Software

Summary:

Mustang Panda, a threat actor associated with China, has been implicated in a cyber attack targeting a government entity in the Philippines. The attackers employed a strategy of using legitimate software, such as Solid PDF Creator and SmadavProtect (an antivirus solution based in Indonesia), to load malicious files. Additionally, the malware was configured to imitate authentic Microsoft traffic, enabling the threat actors to establish command and control connections without detection.

Threat Level – Amber | Attack Report

For a detailed threat advisory, download the pdf file here

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.