The BlackBerry Research & Intelligence Team recently uncovered a campaign by an advanced persistent threat (APT) group called Mustang Panda that is leveraging the PlugX malware family to target the Southeast Asian state of Myanmar.
Our team analyzed the samples in question and found their embedded configurations revealed a set of command-and-control (C2) domains that masquerade as Myanmar news outlets. This is not the first time a campaign targeting this state has impersonated Myanmar news outlets or used PlugX malware.
These tactics, techniques, and procedures (TTPs), along with other corroborating evidence – such as a previous indication that the group was active in this region – lead us to assert with confidence that the China-based threat group known as Mustang Panda is responsible for this campaign.
Mustang Panda Abuses Legitimate Apps to Target Myanmar Based Victims
blogs.blackberry.com