Evasive Panda Strikes Again: DNS Poisoning Escapades in Cyber-Espionage Comedy!

Evasive Panda strikes again, using DNS poisoning to sneakily install the MgBot backdoor. Think of it as a digital ninja, tiptoeing through Türkiye, China, and India with the subtlety of a panda in a bamboo thicket. The campaign shows the group’s evolving tactics, leaving victims scratching their heads—and their servers!

Hot Take:

Who knew pandas could be so slippery? Turns out, they’re not just cute and cuddly, but also know their way around a keyboard. Evasive Panda is out here delivering backdoors like they’re serving up bamboo appetizers!

Key Points:

  • Evasive Panda, a China-linked APT group, is using DNS poisoning to deliver the MgBot backdoor in cyber-espionage campaigns.
  • The campaign targets victims in Türkiye, China, and India and has been ongoing from November 2022 to November 2024.
  • Attackers use fake software updates to deploy malware, masquerading as trusted applications like SohuVA.
  • The malware employs stealthy techniques, including DLL sideloading and adversary-in-the-middle attacks, to remain undetected.
  • Kaspersky highlights the group’s persistence and evolving tactics, suggesting other ongoing campaigns might exist.

The Nimble Nerd