The cohort's variety of individual tools covers just about any operating system it could possibly wish to attack.
July 23, 2024 By Nate Nelson
A Chinese advanced persistent threat (APT) is upgrading its espionage capabilities by developing and iterating on malware across operating systems (OSes).
Evasive Panda — which Symantec tracks as "Daggerfly" in a new blog post — has been known to target telecommunications companies, government agencies, nongovernmental organizations (NGOs), universities, and private individuals of interest to the Chinese state. Recently it has carried out a handful of attacks against similar targets, mostly located in Taiwan, plus one American NGO based in China.
Though its victims are predictable, the platforms it targets for its chicanery are varied. Besides Windows and macOS, Symantec found evidence of Evasive Panda Trojanizing Android Package Kits (APKs), developing SMS and DNS request interception tools, and developing malware families around Linux and even Solaris OS.
