Putter Panda

Also known as: APT2, MSUpdater, Putter Panda, PLA Unit 61486, PUTTER PANDA, 4HCrew, SULPHUR, SearchFire, TG-6952, G0024

🌍 Country: China
🎯 Incident Type: Espionage
🧭 ATT&CK: G0024
Targeted Sectors: Private sector, Government

Introduction

Putter Panda is a Chinese threat group that has been attributed to Unit 61486 of the 12th Bureau of the PLA’s 3rd General Staff Department (GSD) [2].

Activities and Tactics

Targeted Sectors: Private sector, Government

Country of Origin: 🇨🇳 China

Incident Type: Espionage

Suspected Victims: U.S. satellite and aerospace sector

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

Information pending cataloguing.

Attribution and Evidence

Country of Origin: China

Additional attribution information pending cataloguing.

References

[1] MITRE ATT&CK, "MITRE ATT&CK entry"
[2] CrowdStrike, "Putter Panda"