Threat actor · all actors
DaggerflyG1034 state
🇨🇳 CN
aka Daggerfly, Evasive Panda, BRONZE HIGHLAND
Last updated: 2026-07-03
About this actor
[Daggerfly](https://attack.mitre.org/groups/G1034) is a People's Republic of China-linked APT entity active since at least 2012. [Daggerfly](https://attack.mitre.org/groups/G1034) has targeted individuals, government and NGO entities, and telecommunication companies in Asia and Africa. [Daggerfly](https://attack.mitre.org/groups/G1034) is associated with exclusive use of [MgBot](https://attack.mitre.org/software/S1146) malware and is noted for several potential supply chain infection campaigns.(Citation: Symantec Daggerfly 2023)(Citation: ESET EvasivePanda 2023)(Citation: Symantec Daggerfly 2024)(Citation: ESET EvasivePanda 2024)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
SI-4 | 22 / 30 | 73% |
CM-6 | 21 / 30 | 70% |
CM-2 | 19 / 30 | 63% |
CM-7 | 18 / 30 | 60% |
CA-7 | 16 / 30 | 53% |
SI-3 | 16 / 30 | 53% |
AC-6 | 15 / 30 | 50% |
AC-2 | 14 / 30 | 47% |
AC-3 | 14 / 30 | 47% |
SI-7 | 14 / 30 | 47% |
CM-5 | 12 / 30 | 40% |
SI-2 | 11 / 30 | 37% |
AC-4 | 10 / 30 | 33% |
AC-5 | 10 / 30 | 33% |
IA-2 | 10 / 30 | 33% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- RedDelta Modified PlugX Infection Chain Operations 0.25
- Winter Vivern 0.25
- Juicy Mix 0.24
- GALLIUM 0.23
- Molerats 0.22
Same nation-state
- Night Dragon 1.00
- FunnyDream 1.00
- Operation Wocao 1.00
- C0017 1.00
- Cutting Edge 1.00
Same category
- Night Dragon 1.00
- FunnyDream 1.00
- C0011 1.00
- Operation Wocao 1.00
- Operation Dream Job 1.00