Threat Actor Profile

Tonto Team

State-sponsored threat group originating from CN. Suspected sponsor: China. Known to target Military, Government, Private sector. Uses 23 known MITRE ATT&CK techniques.

23 TTPs Mapped 3 Industries Tracked Real-Time Alerts

OriginCN

23MITRE TTPs

3Sectors Hit

Actor Overview

Origin Country

Suspected Sponsor

China

Known Techniques

23 TTPs

Target Industries

MilitaryGovernmentPrivate sector

Suspected Victims

Eastern EuropeJapanSouth KoreaTaiwanUS

MITRE ATT&CK Techniques

T1059T1059.001T1059.006T1203T1068T1210T1574T1574.001T1105T1056T1056.001T1135T1003T1069T1069.001 +8 more

Related Threat Reports

Premium

APT Campaign Analysis - Q4 2025Dec 2025

New Tactics Observed in WildDec 2025

Infrastructure Mapping ReportDec 2025

Stay Updated

Get alerts when new intel on Tonto Team is published.

Actor Details

Primary Name

Tonto Team

Known Aliases

CactusPete, KARMA PANDA, BRONZE HUNTLEY, COPPER, Red Beifang, G0131, PLA Unit 65017, Earth Akhlut, TAG-74

Data Source

Precursor Intelligence

Need API Access?

Integrate threat actor data into your SIEM or SOAR.

View Plans →