Daxin Espionage Backdoor Ups the Ante on Chinese Malware

The Daxin malware is targeting hardened government networks around the world for the purpose of cyberespionage, according to researchers.
"Daxin malware is a highly sophisticated rootkit backdoor with complex, stealthy command-and-control functionality that enabled remote actors to communicate with secured devices not connected directly to the internet," warned CISA, in a Monday alert.
From a technical standpoint, Daxin takes the form of a Windows kernel driver and is focused on stealth, according to Symantec's Monday analysis.
Daxin can also hijack legitimate TCP/IP connections.
The research team linked Daxin to Chinese actors because it's usually deployed alongside tools known to be associated with Chinese espionage actors.
"Daxin is without doubt the most advanced piece of malware Symantec researchers have seen used by a China-linked actor."
News URL
https://threatpost.com/daxin-espionage-backdoor-chinese-malware/178706/
Related news
- Chinese APT Lotus Panda Targets Governments With New Sagerunex Backdoor Variants
- Chinese cyberspies backdoor Juniper routers for stealthy access
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
- Juniper patches bug that let Chinese cyberspies backdoor routers
- Chinese FamousSparrow hackers deploy upgraded malware in attacks
- Chinese snoops use stealth RAT to backdoor US orgs – still active last week
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
- Chinese hackers target Russian govt with upgraded RAT malware