Security News > 2022 > March > Daxin: A Chinese-linked malware that is dangerous and nearly impossible to detect
Daxin is a backdoor that allows its controller to install further malicious software. It has network tunneling capabilities, can relay communications across infected nodes, and is able to hijack legitimate TCP/IP connections, and it is otherwise an incredibly complex piece of code.
As recently as November 2021, Daxin was involved in attacks linked to Chinese actors, generally against targets with a strategic value for China.
One attack likely to have originated from China that made use of Daxin was a November 2019 attack against an unnamed IT company, in which the attackers used another Chinese malware tool called Owlproxy.
While the attack is not definitely linked to China or Daxin, Symantec says the behavior is similar enough to suggest that Daxin was involved.
As mentioned above, Daxin is a complicated piece of malware that shows serious skill on the part of its developers.
Symantec doesn't say much about how Daxin infects its targets, though it has said that its reporting on Daxin will be in multiple parts, which may contain remediation recommendations.