CVE Database Threat Actors Research API Docs

Visit Strobes.co Sign Up for Strobes

CVE Database Threat Actors Research API Docs

Tools

Visit Strobes.co Sign Up for Strobes

Do you like the insights?

Strobes vulnerability intelligence is a key component of their Exposure Management platform that helps organizations understand, prioritize, and address security vulnerabilities more effectively.

© 2026 Strobes Security. All rights reserved.

Tonto Team - Threat Actor Profile & Exploited CVEs | Strobes VI | Strobes VI

Home Threat ActorsTonto Team

Tonto Team

Also known as: KARMA PANDA, CactusPete, Red Beifang, COPPER, Earth Akhlut, TAG-74, G0131, PLA Unit 65017, BRONZE HUNTLEY

CN

0

Exploited CVEs

Overview

Tonto Team is a Chinese-speaking APT group that has been active since at least 2013. They primarily target military, diplomatic, and infrastructure organizations in Asia and Eastern Europe. The group has been observed using various malware, including the Bisonal RAT and ShadowPad. They employ spear-phishing emails with malicious attachments as their preferred method of distribution.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database

Quick Actions

Search related CVEs Browse all threat actors