Lucene search
K

13 matches found

The Hacker News
The Hacker News
added 2025/12/26 2:44 p.m.9 views

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

A China-linked advanced persistent threat APT group has been attributed to a highly-targeted cyber espionage campaign in which the adversary poisoned Domain Name System DNS requests to deliver its signature MgBot backdoor in attacks targeting victims in Türkiye, China, and India. The activity,...

6.5AI score
Exploits0
Securelist
Securelist
added 2025/12/24 7:0 a.m.12 views

Evasive Panda APT poisons DNS requests to deliver MgBot

Introduction The Evasive Panda APT group also known as Bronze Highland, Daggerfly, and StormBamboo has been active since 2012, targeting multiple industries with sophisticated, evolving tactics. Our latest research June 2025 reveals that the attackers conducted highly-targeted campaigns, which...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/28 5:26 p.m.23 views

Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services

A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. "The CloudScout toolset is capable of retrieving data from various cloud...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/05 4:16 a.m.37 views

China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates

The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider ISP to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group. Evasive Panda, also known by the names Bronze Highlan...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/23 12:28 p.m.24 views

Chinese Hackers Target Taiwan and US NGO with MgBot Malware

Organizations in Taiwan and a U.S. non-governmental organization NGO based in China have been targeted by a Beijing-affiliated state-sponsored hacking group called Daggerfly using an upgraded set of malware tools. The campaign is a sign that the group "also engages in internal espionage,"...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/07 1:22 p.m.26 views

Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks

The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023. The end goal of the attacks is to deliver malicious downloaders for Windows and macOS that deploy a known backdoor called MgBot and ...

7.1AI score
Exploits0
hivepro
hivepro
added 2023/04/27 8:24 a.m.27 views

Daggerfly APT Deploys MgBot to Target African Telecoms Organization

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Daggerfly advanced persistent threat group has been observed using previously unseen plugins from the MgBot malware framework in a recent campaign. To receive real-time threat advisories, please foll...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/26 12:33 p.m.3 views

Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China

The advanced persistent threat APT group referred to as Evasive Panda has been observed targeting an international non-governmental organization NGO in Mainland China with malware delivered via update channels of legitimate applications like Tencent QQ. The attack chains are designed to distribut...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/26 12:33 p.m.42 views

Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China

The advanced persistent threat APT group referred to as Evasive Panda has been observed targeting an international non-governmental organization NGO in Mainland China with malware delivered via update channels of legitimate applications like Tencent QQ. The attack chains are designed to distribut...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/20 10:26 a.m.3 views

Daggerfly Cyberattack Campaign Hits African Telecom Services Providers

Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least since November 2022. The intrusions have been pinned on a hacking crew tracked by Symantec as Daggerfly , and which is also monitored by the broader cybersecurity...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/20 10:26 a.m.36 views

Daggerfly Cyberattack Campaign Hits African Telecom Services Providers

Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least since November 2022. The intrusions have been pinned on a hacking crew tracked by Symantec as Daggerfly, and which is also monitored by the broader cybersecurity...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/07/21 3:5 p.m.7 views

Chinese Hackers Escalate Attacks Against India and Hong Kong Amid Tensions

An emerging threat actor out of China has been traced to a new hacking campaign aimed at government agencies in India and residents of Hong Kong intending to steal sensitive information, cybersecurity firm Malwarebytes revealed in the latest report shared with The Hacker News. The attacks were...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/07/21 3:0 p.m.5325 views

Chinese APT group targets India and Hong Kong using new variant of MgBot malware

This blog post was authored by Hossein Jazi and Jérôme Segura On July 2, we found an archive file with an embedded document pretending to be from the government of India. This file used template injection to drop a malicious template which loaded a variant of Cobalt Strike. One day later, the sam...

9.3CVSS8.8AI score0.99966EPSS
Exploits21
Rows per page
Query Builder