🇨🇳
Nomad Panda
APT Group
Information theft and espionage
6 zero-day CVEs
ETDA ✓
Also Known As
No alias recorded
Target Countries
No target country recorded
Sectors Targeted
No targeted sector recorded
Details
Origin
🇨🇳 CN
Last Updated
13 Apr 2026
MITRE ATT&CK 41
T001.001
T002
T1016 - System Network Configuration Discovery
T1027 - Obfuscated Files or Information
T1027.002 - Software Packing
T1036 - Masquerading
T1055 - Process Injection
T1056.001 - Keylogging
T1059.001
T1071 - Application Layer Protocol
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1087 - Account Discovery
T1095 - Non-Application Layer Protocol
T1112 - Modify Registry
T1140 - Deobfuscate/Decode Files or Information
T1189 - Drive-by Compromise
T1406 - Obfuscated Files or Information
T1409 - Access Stored Application Data
T1412 - Capture SMS Messages
T1413 - Access Sensitive Data in Device Logs
T1414 - Capture Clipboard Data
T1418 - Application Discovery
T1421 - System Network Connections Discovery
T1422 - System Network Configuration Discovery
T1424 - Process Discovery
T1426 - System Information Discovery
T1429 - Capture Audio
T1430 - Location Tracking
T1432 - Access Contact List
T1439 - Eavesdrop on Insecure Network Communication
T1447 - Delete Device Data
T1472 - Generate Fraudulent Advertising Revenue
T1507 - Network Information Discovery
T1518 - Software Discovery
T1523 - Evade Analysis Environment
T1555 - Credentials from Password Stores
T1555.003 - Credentials from Web Browsers
T1566 - Phishing
T1571 - Non-Standard Port
T1574 - Hijack Execution Flow