Evasive Panda Targets Tibet With Trojanized Software

A sophisticated cyber-espionage campaign by the China-aligned APT group Evasive Panda (also known as BRONZE HIGHLAND and Daggerfly) has been observed targeting Tibetans across various countries and territories. According to a technical write-up published by ESET researchers today, the attackers strategically leveraged the Monlam Festival, a significant religious gathering, to target individuals associated with Tibetan Buddhism.

By compromising the festival organizer’s website, they orchestrated a watering hole attack, specifically targeting users connecting from specific networks. This tactic involved injecting malicious code into the website, leading visitors to unwittingly download trojanized software.

“In addition to this, the attackers also abused the same website and a Tibetan news website called Tibetpost – tibetpost[.]net – to host the payloads obtained by the malicious downloads, including two full-featured backdoors for Windows and an unknown number of payloads for macOS,” ESET wrote

Evasive Panda Targets Tibet With Trojanized Software

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Evasive Panda Targets Tibet With Trojanized Software

07-Mar-24

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address