Mustang Panda Targets Philippines Government Using Legitimate Software

Threat Level – Amber | Vulnerability Report
Download PDF

Mustang Panda, a threat actor associated with China, has been implicated in a cyber attack targeting a government entity in the Philippines. The attackers employed a strategy of using legitimate software, such as Solid PDF Creator and SmadavProtect (an antivirus solution based in Indonesia), to load malicious files. Additionally, the malware was configured to imitate authentic Microsoft traffic, enabling the threat actors to establish command and control connections without detection.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox