
China’s “Daxin” Malware Used in Gov’t Espionage Operations for 10 Years

The “most advanced piece of malware” that China-linked hackers have ever been known to use was revealed today. Dubbed Daxin, the stealthy back door was used in espionage operations against governments around the world for a decade before it was caught.

Daxin is just the latest powerful tool linked to China over the past year. It works by hijacking legitimate connections to hide its communications in normal network traffic. The result provides stealth and, on highly secure networks where direct internet connectivity is impossible, allows hackers to communicate across infected computers. The researchers who discovered it, from the cybersecurity firm Symantec, compare it to advanced malware they’ve seen that’s been linked to Western intelligence operations. Daxin has been in use at least as recently as November 2021.

And in February of last year, a massive hacking spree against Microsoft Exchange servers by multiple Chinese groups, beginning with zero-day exploits known as ProxyLogon vulnerabilities, showcased Beijing’s ability to coordinate an offensive so large in scale it seemed chaotic and reckless to outside observers. The onslaught effectively left a door wide open on tens of thousands of vulnerable email servers for any hacker to step through.
