#DNSpoisoning

China’s Evasive Panda Attacks ISP to Send Malicious Software Updates

by

August 5, 2024 at 03:03PM Researchers have uncovered a China-linked APT group’s attack on an ISP, employing DNS poisoning to compromise software update mechanisms. This enabled the delivery of Macma backdoor variants and post-exploitation malware, exfiltrating sensitive data from affected networks. The APT group, known as Evasive Panda, used DNS manipulation to conduct the attacks, … Read more

China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates

by

August 5, 2024 at 01:24AM Evasive Panda, a sophisticated China-linked cyber espionage group, compromised an ISP to push malware updates to target companies, displaying high levels of skill. The threat actor has been active since 2012, using various malware, including a macOS strain called MACMA. The group has targeted organizations through supply chain attacks, DNS … Read more