"Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering"

Camaro Dragon, a Chinese nation-state group, has been linked to another backdoor designed for its intelligence-gathering. Check Point researchers named the Go-based malware "TinyNote," stating that it is a first-stage payload capable of "basic machine enumeration and command execution via PowerShell or Goroutines." The malware compensates for its lack of sophistication by establishing redundant methods to maintain access to the compromised host through multiple persistence tasks and various methods of communicating with different servers. Camaro Dragon overlaps with the Chinese state-sponsored group Mustang Panda, which has been active at least since 2012. This article continues to discuss the  Camaro Dragon nation-state group being linked to the Go-based malware TinyNote. 

THN reports "Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering"

Submitted by Anonymous on