The Rancor group’s attacks use two primary malware families which are naming DDKONG and PLAINTEE. DDKONG is used throughout the campaign and PLAINTEE ...

Threat Actor Profile

RANCOR

State-sponsored threat group originating from CN. Suspected sponsor: China. Known to target Government, Civil society.

2 Industries Tracked Real-Time Alerts

Actor Overview

Origin Country
CN
Suspected Sponsor
China
Incident Types
Espionage

Target Industries

GovernmentCivil society

Suspected Victims

SingaporeCambodia

Related Threat Reports

Premium
APT Campaign Analysis - Q4 2025Dec 2025
New Tactics Observed in WildDec 2025
Infrastructure Mapping ReportDec 2025
Stay Updated

Get alerts when new intel on RANCOR is published.

Actor Details

Primary Name
RANCOR
Known Aliases
Rancor group, Rancor, Rancor Group, G0075, Rancor Taurus
Data Source
Precursor Intelligence
Need API Access?

Integrate threat actor data into your SIEM or SOAR.

View Plans →