Daxin Espionage Backdoor Ups the Ante on Chinese Malware (Security News, March 2022)
The Daxin malware is targeting hardened government networks around the world for cyberespionage, according to researchers.
"Daxin malware is a highly sophisticated rootkit backdoor with complex, stealthy command-and-control functionality that enabled remote actors to communicate with secured devices not connected directly to the internet," warned CISA, in a Monday alert.
From a technical standpoint, Daxin takes the form of a Windows kernel driver, according to Symantec's Monday analysis, and has a focus on stealth.
Daxin also can hijack legitimate TCP/IP connections.
The research team linked Daxin to Chinese actors because it's usually deployed alongside tools known to be associated with Chinese espionage actors.
"Daxin is without doubt the most advanced piece of malware Symantec researchers have seen used by a China-linked actor."
News URL
https://threatpost.com/daxin-espionage-backdoor-chinese-malware/178706/