Murky Panda Exploits Cloud Trust to Breach Customers in Supply Chain Attacks

Murky Panda hijacks trusted cloud relationships to reach downstream customers, abusing Entra ID and DAP paths, reading email, and escalating privileges after initial access via public-facing services.

    A Chinese state-sponsored group tracked as Murky Panda—also known as Silk Typhoon (Microsoft) and Hafnium—is abusing trusted cloud relationships to gain initial access to the networks and data of downstream customers. The activity primarily targets government, technology, academic, legal, and professional services organizations in North America and aligns with the group’s long record of cyberespionage, including the 2021 Microsoft Exchange campaigns that used ProxyLogon. Recent operations cited in public reporting include intrusions impacting the U.S. Treasury’s Office of Foreign Assets Control and the Committee on Foreign Investment.

    How Murky Panda Leverages Trusted Cloud Relationships for Initial Access

    Researchers describe a shift toward cloud supply chain attacks that exploit the inherent trust between cloud service providers and their customers. Because providers are often granted built-in administrative access to customer tenants, a compromise upstream can become a direct path into downstream environments, allowing access to mailboxes, applications, and stored data with fewer traditional red flags.

    In March, Microsoft reported Silk Typhoon activity against remote management tools and cloud services as part of supply chain operations aimed at downstream customers. The approach blends with legitimate cloud traffic, making early detection more difficult in environments that prioritize credential or endpoint anomalies over provider-to-tenant control paths.

    Initial Access via Public-Facing Services and Known Vulnerabilities

    Murky Panda also continues to exploit internet-exposed devices and services to establish footholds before moving to cloud abuse. Common entry points include:

    • CVE-2023-3519 in Citrix NetScaler devices
    • ProxyLogon vulnerabilities in Microsoft Exchange
    • CVE-2025-0282 in Ivanti Pulse Connect VPN

    These vectors provide reliable ingress for staging, data collection, and credential access that support later cloud pivoting.

    Once a cloud service provider is compromised, the same trust that simplifies administration can be turned into broad access. Threat actors can inherit elevated privileges, query mail and application data, and create persistence without noisy password-spray or authentication-prompt patterns that typically alert defenders.

    In one investigated incident, the attackers exploited zero-day vulnerabilities to breach a SaaS provider’s cloud environment. They obtained the provider’s application registration secret in Microsoft Entra ID, then authenticated as a service principal to log into downstream customer tenants. With this access, the operators read customer emails and exfiltrated sensitive data, all while operating under service-to-service trust that appeared routine.
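A stolen application secret used from the attacker's infrastructure still shows up as a service-principal sign-in, so the tenant-side signal is an app whose credentials suddenly authenticate from a source IP it never used before against a mail-capable resource. The detection below is an added example written for this article, not code from CrowdStrike or Microsoft; the record fields loosely mirror Entra ID service-principal sign-in logs but are assumed, and the sign-in records are constructed.

```python
"""Flag service-principal sign-ins that look like a stolen app secret in use."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records. Field names are assumed to resemble Entra ID
# service-principal sign-in logs (appId, resourceDisplayName, ipAddress,
# errorCode); they are not copied from any real tenant.
SAMPLE_SIGNINS = [
    {"createdDateTime": "2025-06-01T08:00:00Z", "appId": "app-provider-1",
     "resourceDisplayName": "Microsoft Graph", "ipAddress": "203.0.113.10", "errorCode": 0},
    {"createdDateTime": "2025-06-02T08:05:00Z", "appId": "app-provider-1",
     "resourceDisplayName": "Microsoft Graph", "ipAddress": "203.0.113.10", "errorCode": 0},
    {"createdDateTime": "2025-06-09T03:17:00Z", "appId": "app-provider-1",
     "resourceDisplayName": "Office 365 Exchange Online", "ipAddress": "198.51.100.77", "errorCode": 0},
    {"createdDateTime": "2025-06-09T03:20:00Z", "appId": "app-provider-1",
     "resourceDisplayName": "Microsoft Graph", "ipAddress": "198.51.100.77", "errorCode": 50053},
]

# Resources through which a service principal can read mailboxes.
MAIL_RESOURCES = {"Office 365 Exchange Online", "Microsoft Graph"}


def _ts(rec):
    return datetime.strptime(rec["createdDateTime"], "%Y-%m-%dT%H:%M:%SZ")


def build_baseline(signins, days=7):
    """Learn, per appId, the source IPs seen in successful sign-ins during
    the first `days` of history; return the baseline and the cutoff time."""
    start = min(_ts(r) for r in signins)
    cutoff = start + timedelta(days=days)
    baseline = defaultdict(set)
    for r in signins:
        if _ts(r) < cutoff and r["errorCode"] == 0:
            baseline[r["appId"]].add(r["ipAddress"])
    return baseline, cutoff


def find_suspicious(signins, days=7):
    """Successful sign-ins after the baseline window, from an IP the app never
    used during the baseline, against a mail-capable resource. Failed
    sign-ins are ignored here; they are a separate, noisier signal."""
    baseline, cutoff = build_baseline(signins, days)
    hits = []
    for r in signins:
        if _ts(r) < cutoff or r["errorCode"] != 0:
            continue
        if r["resourceDisplayName"] in MAIL_RESOURCES and r["ipAddress"] not in baseline[r["appId"]]:
            hits.append(r)
    return hits
```

An app with no baseline history at all is treated as having no known IPs, so its first mail-resource sign-in after the window is flagged; tune `days` to the provider's normal rotation of egress addresses.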

    In another case, Murky Panda compromised a Microsoft Cloud Solution Provider with Delegated Administrative Privileges (DAP). By taking over an account in the Admin Agent group, the actors gained Global Administrator rights across all downstream tenants associated with that provider. They then created backdoor accounts and escalated privileges inside customer environments to ensure persistence and continued access to email and application data.

    CrowdStrike notes that breaches via trusted relationships are comparatively rare and, as a result, less monitored than common vectors like credential theft. Activity routed through provider channels blends with legitimate administrative operations, allowing Murky Panda to maintain long-term, low-noise access that complicates triage and response.

    Tooling and Tradecraft Used to Sustain Access and Avoid Discovery

    Beyond cloud abuse, Murky Panda employs a mix of living-off-the-land techniques, third-party utilities, and custom malware to keep access and evade controls. Together with provider-level privileges, these tools support mailbox access, application data collection, and account manipulation while minimizing overt indicators.

    What This Trend Signals for Enterprise Defenders

    The reporting underscores a durable tactic: compromise upstream, inherit trust downstream. Whether through exploiting Citrix NetScaler, Microsoft Exchange, or Ivanti Pulse Connect VPN, or by abusing Entra ID and DAP relationships, the group’s cloud supply chain attacks reduce the need for noisier intrusion steps and extend dwell time within targeted organizations.
