Symantec’s Threat Hunter Team has uncovered a dangerous Chinese-linked malware that is difficult to detect.
According to the researchers, the new malware, tracked as Backdoor.Daxin, “exhibit[s] technical complexity previously unseen by such actors.”
Daxin is a backdoor that gives the attackers operating it a wide range of capabilities. These include installing further malicious software, tunneling network traffic, hijacking legitimate TCP/IP sessions, encapsulating raw network packets so that response packets are automatically routed back to the attackers, and, lastly, hopping across multiple infected nodes with a single command.
“Considering its capabilities and the nature of its deployed attacks, Daxin appears to be optimized for use against hardened targets, allowing the attackers to burrow deep into a target’s network and exfiltrate data without raising suspicions,” Symantec explained.
To protect their networks against Daxin, organizations are advised to follow established cybersecurity best practices, both for general business networks and for specialized environments such as ICS, IIoT, and OT networks.