Daxin Espionage Backdoor Ups the Ante on Chinese Malware (Security News, March 2022)
The Daxin malware is targeting hardened government networks around the world for cyberespionage, according to researchers.
"Daxin malware is a highly sophisticated rootkit backdoor with complex, stealthy command-and-control functionality that enabled remote actors to communicate with secured devices not connected directly to the internet," warned CISA, in a Monday alert.
From a technical standpoint, Daxin takes the form of a Windows kernel driver, according to Symantec's Monday analysis, and has a focus on stealth.
Daxin can also hijack legitimate TCP/IP connections.
The research team linked Daxin to Chinese actors because it's usually deployed alongside tools known to be associated with Chinese espionage actors.
"Daxin is without doubt the most advanced piece of malware Symantec researchers have seen used by a China-linked actor."
News URL
https://threatpost.com/daxin-espionage-backdoor-chinese-malware/178706/