Targeting of Mongolian government agencies

Date of report

December 2020

Affiliations

Emissary Panda

The Chinese threat actor Emissary Panda compromised Able Desktop chat software used by over 430 Mongolian government agencies and a national data center. The ShadowPad backdoor, previously attributed to a suspected subset of the Winnti Umbrella, was also used.

Suspected victims

Mongolian government agencies and a national data center

Suspected state sponsor

China

Type of incident

Espionage

Target category

Government

Victim government reaction

Unknown

Chinese APT suspected of supply chain attack on Mongolian government agencies
APT Group Targeting Governmental Agencies in East Asia
Operation StealthyTrident: corporate software under attack

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events