Mustang Panda APT targets Europe with customized PlugX malware

Threat Level

Actor Report

For a detailed threat advisory, download the pdf file here

Summary

The Mustang Panda APT group has been targeting government and public sector organizations across Asia and Europe since at least 2019. Recently, the group has shifted from using archive files to using malicious optical disc image (ISO) files to deliver a modified version of the PlugX malware, increasing the group’s evasion against anti-malware solutions and targeting Europe.