Emissary Panda | CFR Interactives

Emissary Panda

Affiliations

Also known as TG-3390, APT 27, TEMP.Hippo, LuckyMouse, and Budworm. Believed to have been responsible for the compromise of a Mongolian data center.

This threat actor compromises web pages to lure targets for espionage purposes. It focuses on the aerospace, automotive, technology, and energy sectors, primarily in the United States and United Kingdom.

Suspected victims

United States

United Kingdom

France

Suspected state sponsor

China

Type of incident

Espionage

Target category

Government
Private sector

Threat Group 3390 Cyberespionage
Operation Iron Tiger: Exploring Chinese Cyber-Espionage Attacks on United States Defense Contractors
ThreatConnect identifies Chinese targeting of two companies. Economic espionage or military intelligence?

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events