August 5, 2024 at 03:03PM Researchers have uncovered a China-linked APT group’s attack on an ISP, employing DNS poisoning to compromise software update mechanisms. This enabled the delivery of Macma backdoor variants and post-exploitation malware, exfiltrating sensitive data from affected networks. The APT group, known as Evasive Panda, used DNS manipulation to conduct the attacks, … Read more
August 5, 2024 at 01:24AM Evasive Panda, a sophisticated China-linked cyber espionage group, compromised an ISP to push malware updates to target companies, displaying high levels of skill. The threat actor has been active since 2012, using various malware, including a macOS strain called MACMA. The group has targeted organizations through supply chain attacks, DNS … Read more
August 3, 2024 at 03:41PM The Chinese hacking group StormBamboo, also known as Evasive Panda, Daggerfly, and StormCloud, has compromised an internet service provider to inject malware into automatic software updates, targeting organizations across various countries. They exploited insecure HTTP software update mechanisms, deploying malware onto victims’ devices without user interaction. They also targeted software … Read more
July 23, 2024 at 03:59PM Evasive Panda, also known as Daggerfly, is a Chinese advanced persistent threat (APT) group that targets telecommunications companies, government agencies, NGOs, universities, and private individuals. It has developed malware for various platforms, including Windows, macOS, Android, Linux, and Solaris, showcasing its ambition and diverse capabilities. The group’s continuous development and … Read more
March 8, 2024 at 08:03AM Cybersecurity firm ESET reports that a Chinese APT group known as Evasive Panda has been targeting Tibetans through watering hole and supply chain attacks. The group has a history of cyberespionage operations primarily targeting government entities in China, India, and other Asian countries. Evasive Panda has been leveraging compromised websites … Read more
March 7, 2024 at 09:21AM Evasive Panda, a China-based threat actor, conducted cyber attacks targeting Tibetan users through watering hole and supply chain techniques, using malicious downloaders to deploy a backdoor and a new Windows implant. The attacks aimed to infiltrate specific countries and territories, taking advantage of events like the Kagyu Monlam Festival. The … Read more
March 7, 2024 at 05:37AM A targeted cyber-attack linked to the Evasive Panda hacking team infected visitors to a Buddhism festival website and users of a Tibetan language translation app. The group’s campaign affected systems in India, Taiwan, Australia, the United States, and Hong Kong. Evasive Panda is known for supply chain attacks and has … Read more