Numbered Panda (also known as IXESHE, DynCalc, DNSCALC, and APT12) is a cyber espionage group believed to be linked with the Chinese military. The group typically targets organizations in East Asia. These organizations include, but are not limited to, media outlets, high-tech companies, and governments. Numbered Panda is believed to have been operating since 2009. However, the group is also credited with a 2012 data breach at the New York Times. One of the group's typical techniques is to send PDF files loaded with malware via spear phishing campaigns. The decoy documents are typically written in traditional Chinese, which is widely used in Taiwan, and the targets are largely associated with Taiwanese interests. Numbered Panda appears to be actively seeking out cybersecurity research relat
| Property |
Value |
| dbo:abstract |
Numbered Panda (also known as IXESHE, DynCalc, DNSCALC, and APT12) is a cyber espionage group believed to be linked with the Chinese military. The group typically targets organizations in East Asia. These organizations include, but are not limited to, media outlets, high-tech companies, and governments. Numbered Panda is believed to have been operating since 2009. However, the group is also credited with a 2012 data breach at the New York Times. One of the group's typical techniques is to send PDF files loaded with malware via spear phishing campaigns. The decoy documents are typically written in traditional Chinese, which is widely used in Taiwan, and the targets are largely associated with Taiwanese interests. Numbered Panda appears to be actively seeking out cybersecurity research relating to the malware they use. After an Arbor Networks report on the group, FireEye noticed a change in the group's techniques to avoid future detection. (en) |
| dbo:battle |
dbr:Operation_Clandestine_Fox dbr:Operation_Double_Tap |
| dbo:country |
dbr:People's_Republic_of_China |
| dbo:militaryBranch |
dbr:People's_Liberation_Army |
| dbo:role |
Electronic warfare Cyber warfare |
| dbo:thumbnail |
wiki-commons:Special:FilePath/China_Emblem_PLA.svg?width=300 |
| dbo:type |
dbr:Cyber_force dbr:Advanced_persistent_threat |
| dbo:wikiPageExternalLink |
https://attack.mitre.org/wiki/Software/S0015 |
| dbo:wikiPageID |
53787084 (xsd:integer) |
| dbo:wikiPageLength |
10831 (xsd:nonNegativeInteger) |
| dbo:wikiPageRevisionID |
1101391930 (xsd:integer) |
| dbo:wikiPageWikiLink |
dbr:Premier_of_the_People's_Republic_of_China dbr:Private_network dbr:Electronic_warfare dbr:Encryption dbr:Base64 dbr:Bi-directional_text dbr:Hypertext_Transfer_Protocol dbr:People's_Liberation_Army dbr:Remote_Shell dbr:Cyber_espionage dbr:Cyber_force dbr:Unicode dbr:Uniform_Resource_Identifier dbr:Computer_security dbr:CrowdStrike dbr:Communications_protocol dbr:The_New_York_Times dbc:Cyberwarfare dbr:Arbor_Networks dbr:Arms_industry dbr:Phishing dbr:Port_(computer_networking) dbr:Traditional_Chinese_characters dbr:Trend_Micro dbr:Wen_Jiabao dbr:Domain_name dbr:Cyberwarfare_in_China dbr:Adobe_Acrobat dbr:Adobe_Flash_Player dbc:Electronic_warfare dbr:East_Asia dbr:FireEye dbr:POST_(HTTP) dbr:Proxy_server dbr:Japan dbr:Portable_Document_Format dbc:Chinese_advanced_persistent_threat_groups dbc:Espionage dbr:Advanced_persistent_threat dbr:Taiwan dbr:BIOS dbr:Microsoft_Excel dbr:Microsoft_Word dbr:NetBIOS dbr:Operating_system dbr:RC4 dbr:Command_and_control_(malware) dbr:IP_address dbr:Malware dbr:Operation_Clandestine_Fox dbr:Operation_Double_Tap dbr:File:China_Emblem_PLA.svg |
| dbp:battles |
* Operation Double Tap * Operation Clandestine Fox (en) |
| dbp:branch |
23 (xsd:integer) |
| dbp:role |
dbr:Cyberwarfare_in_China Electronic warfare (en) |
| dbp:type |
dbr:Cyber_force Advanced persistent threat (en) |
| dbp:unitName |
Numbered Panda (en) |
| dbp:wikiPageUsesTemplate |
dbt:CVE dbt:Flag dbt:Infobox_military_unit dbt:Primary_sources dbt:Reflist dbt:Hacking_in_the_2010s |
| dcterms:subject |
dbc:Cyberwarfare dbc:Electronic_warfare dbc:Chinese_advanced_persistent_threat_groups dbc:Espionage |
| rdf:type |
owl:Thing schema:Organization dul:Agent dul:SocialPerson dbo:Agent wikidata:Q176799 wikidata:Q24229398 wikidata:Q43229 dbo:MilitaryUnit dbo:Organisation |
| rdfs:comment |
Numbered Panda (also known as IXESHE, DynCalc, DNSCALC, and APT12) is a cyber espionage group believed to be linked with the Chinese military. The group typically targets organizations in East Asia. These organizations include, but are not limited to, media outlets, high-tech companies, and governments. Numbered Panda is believed to have been operating since 2009. However, the group is also credited with a 2012 data breach at the New York Times. One of the group's typical techniques is to send PDF files loaded with malware via spear phishing campaigns. The decoy documents are typically written in traditional Chinese, which is widely used in Taiwan, and the targets are largely associated with Taiwanese interests. Numbered Panda appears to be actively seeking out cybersecurity research relat (en) |
| rdfs:label |
Numbered Panda (en) |
| owl:sameAs |
wikidata:Numbered Panda https://global.dbpedia.org/id/2ovwy |
| prov:wasDerivedFrom |
wikipedia-en:Numbered_Panda?oldid=1101391930&ns=0 |
| foaf:depiction |
wiki-commons:Special:FilePath/China_Emblem_PLA.svg |
| foaf:isPrimaryTopicOf |
wikipedia-en:Numbered_Panda |
| foaf:name |
Numbered Panda (en) |
| is dbo:wikiPageRedirects of |
dbr:APT12 dbr:APT_12 |
| is dbo:wikiPageWikiLink of |
dbr:Chinese_intelligence_activity_abroad dbr:Advanced_persistent_threat dbr:APT12 dbr:APT_12 |
| is foaf:primaryTopic of |
wikipedia-en:Numbered_Panda |
