Operation FishMedley: China’s Aquatic Panda Swims Through Global Espionage Waters!
Aquatic Panda strikes again! This China-linked APT group has been busy with Operation FishMedley, a global espionage campaign in 2022 targeting seven organizations across five countries. Known for recycling malware like ShadowPad and SodaMaster, they’re the ultimate eco-friendly hackers — making old threats new again!
Hot Take:
When you’ve got more names than a secret agent and more malware than a villain’s lair, you might just be Aquatic Panda. This China-linked APT group is up to its gills in cyber espionage, playing a digital game of Risk across the globe. Who knew that pandas would be so interested in espionage? Maybe they’re just trying to collect enough data to win a giant game of cyber Monopoly.
Key Points:
– Aquatic Panda, also known as Bronze University and several other aliases, is linked to a global espionage campaign targeting seven organizations.
– The campaign, named Operation FishMedley, spanned ten months in 2022 and hit targets in Taiwan, Hungary, Turkey, Thailand, France, and the United States.
– The threat actors used implants like ShadowPad and SodaMaster, frequently associated with China-aligned APT groups.
– The group is apparently operating under the Winnti Group umbrella and managed by the Chinese contractor i-Soon.
– The campaign involved five different malware families, but the initial access vector remains unknown.