"Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks"

"Evasive Panda," a China-linked threat actor, has been targeting Tibetan users with both watering hole and supply chain attacks since September 2023. The attacks deliver malicious downloaders for Windows and macOS that install a backdoor called "MgBot" and a previously undocumented Windows implant named "Nightdoor." According to ESET, the attackers compromised at least three websites to conduct watering hole attacks, as well as a Tibetan software company's supply chain. Evasive Panda, also known as "Bronze Highland" and "Daggerfly," has been active since 2012 and was previously disclosed in April 2023 to have targeted an international Non-Governmental Organization (NGO) in Mainland China using MgBot. This article continues to discuss Evasive Panda's attacks against Tibetan users. 

THN reports "Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks"

Submitted by grigby1