State-Sponsored Cyber Threats: Daggerfly’s Upgraded Malware Toolkit

State-Sponsored Cyber Threats: Daggerfly’s Upgraded Malware Toolkit

According to a Symantec investigation, the prolific Chinese espionage outfit Daggerfly (also known as Evasive Panda and Bronze Highland) has considerably modified its malware toolset, enhancing its ability to target the majority of key operating systems.

The most recent advancements indicate that the gang is employing a single framework to efficiently target Windows, Linux, macOS, and Android operating systems.

The researchers saw the group using new malware versions in recent operations against Taiwanese organizations and a US NGO operating in China.

The Evolution of Daggerfly

Daggerfly has been active for over a decade, conducting espionage operations both internationally and within China. Their primary targets have included government agencies, defense contractors, and various industries critical to national security. Over the years, Daggerfly has demonstrated a high level of sophistication in their cyber operations, continually evolving their tactics, techniques, and procedures (TTPs) to stay ahead of detection mechanisms.

Symantec reported in April 2023 on a Daggerfly campaign targeting an African telecoms business, in which the gang employed new plugins written with the MgBot malware platform.

In Ma

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: