Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

2023-06-02 10:08

The Chinese nation-stage group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals.

Camaro Dragon overlaps with a threat actor widely tracked as Mustang Panda, a state-sponsored group from China that is known to be active since at least 2012.

The TinyNote backdoor is distributed using names related to foreign affairs, and likely targets Southeast and East Asian embassies.

"The TinyNote backdoor highlights the targeted approach of Camaro Dragon and the extensive research they conduct prior to infiltrating their intended victims' systems," Check Point said.

"The PLA's use of OSINT very likely provides it an intelligence advantage, as the West's open information environment allows the PLA to easily harvest large quantities of open-source data, whereas Western militaries must contend with China's closed information environment," Recorded Future noted.

"Commercial data providers should also be aware that China's military and defense industry could be purchasing their data for intelligence purposes, and should consider carrying out due diligence when selling their data to entities in China," the company said.

News URL

https://thehackernews.com/2023/06/camaro-dragon-strikes-with-new-tinynote.html

#backdoor