Targeting of European diplomatic entities, research entities, and internet service providers
Date of report
  • March 2022
The Chinese-linked threat actor Mustang Panda targeted European diplomatic entities with malicious files containing geopolitical themes, including a file titled “Situation at the EU borders with” The hackers used a European diplomat’s compromised email address to send the malware-laced emails to other countries’ diplomatic offices. 
Suspected victims
  • Search entities, internet service providers (ISPs), and European diplomatic missions mostly located in East and Southeast Asia.
Suspected state sponsor
  • China
Type of incident
  • Espionage
Target category
  • Government
  • Private sector
Victim government reaction
  • Unknown