This is a collection of rules based on the presence of indicators of compromise publicly reported as associated with this malicious actor.

Naikon is a threat group that has focused on victims around the South China Sea. This threat group has been attributed to the Chinese People’s Liberation Army’s (PLA) Chengdu Military Region Second Technical Reconnaissance Bureau (Military Unit Cover Designator 78020). While Naikon shares some characteristics with APT30, the two groups appear to be distinct.

Other names for this threat

APT30, APT.Naikon, Camerashy, Hellsing, Lotus Panda, Override Panda, PLA Unit 78020