Daxin (spyware) explained

Daxin is a backdoor discovered in late 2021 by Symantec researchers. It is considered highly sophisticated and is suspected to have been used in espionage operations by the Chinese government for over a decade, targeting government agencies in Asia and Africa.[1] It can be controlled from anywhere in the world, and its creators reportedly invested significant effort to make its communication blend in with network traffic.[2][3][4]

Daxin comes in the form of a Windows kernel driver and exhibits a level of technical sophistication previously unseen from such actors.[5] It implements advanced communications functionality that provides a high degree of stealth and lets the attackers communicate with infected computers on highly secured networks.[6] Daxin can hijack legitimate TCP/IP connections, exchange digital keys with a remote peer, and open encrypted communication channels for receiving commands and sending information back to the remote source.
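Because the implant described above is delivered as a Windows kernel driver, one baseline check a defender can run on a suspect host is to enumerate the kernel-mode drivers that are currently running and report any whose on-disk image fails Authenticode verification or is missing. The following PowerShell is an added example written for this article; it is not code from Symantec, from the article's sources, or from any Daxin analysis, and it is a generic driver-inventory check rather than a Daxin-specific indicator. It assumes Windows PowerShell 5.1 or later, run with administrative rights; the function name Get-UnverifiedKernelDrivers is the author's own.

```powershell
# Added example (not from the article): list running kernel-mode drivers whose
# image cannot be located or whose Authenticode signature does not verify.
# Assumes Windows PowerShell 5.1+ and an elevated session.
function Get-UnverifiedKernelDrivers {
    [CmdletBinding()]
    param()

    # Win32_SystemDriver covers kernel-mode services; PathName is the image on disk.
    $drivers = Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.State -eq 'Running' -and $_.PathName }

    foreach ($d in $drivers) {
        # PathName may be quoted or carry NT-style prefixes; normalise to a Win32 path.
        $path = $d.PathName.Trim('"')
        $path = $path -replace '^\\\?\?\\', ''
        $path = $path -replace '^\\SystemRoot\\', "$env:SystemRoot\"
        $path = $path -replace '^System32\\', "$env:SystemRoot\System32\"

        if (-not (Test-Path -LiteralPath $path)) {
            # A running driver with no image on disk is worth a manual look.
            [pscustomobject]@{
                Name   = $d.Name
                Path   = $path
                Status = 'FileMissing'
                Signer = $null
            }
            continue
        }

        $sig = Get-AuthenticodeSignature -LiteralPath $path
        if ($sig.Status -ne 'Valid') {
            [pscustomobject]@{
                Name   = $d.Name
                Path   = $path
                Status = $sig.Status
                Signer = $sig.SignerCertificate.Subject
            }
        }
    }
}

# Usage: print the findings as a table.
Get-UnverifiedKernelDrivers | Format-Table -AutoSize
```

Treat the output as a triage list rather than an alert: in-box drivers are typically catalog-signed, and older PowerShell builds may report them as NotSigned, so a hit should be confirmed against the file's hash and catalog before it is escalated. The check is deliberately host-local and reads only driver metadata; pairing it with a baseline taken from a known-good build of the same image makes the comparison far more useful.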

Daxin's capabilities suggest the attackers invested significant effort into developing communication techniques that blend in unseen with normal network traffic on the target's network.[7]

Notes and References

  1. Warminsky, Joe (2022-02-28). "'Most advanced' China-linked backdoor ever, Daxin, raises alarms for cyber-espionage investigators". CyberScoop. Retrieved 2024-07-22.
  2. Bing, Christopher (28 February 2022). "New Chinese hacking tool found, spurring U.S. warning to allies". Reuters. Archived at https://web.archive.org/web/20220301050240/https://www.reuters.com/technology/new-chinese-hacking-tool-found-spurring-us-warning-allies-2022-02-28/ on 2022-03-01.
  3. "How China built a one-of-a-kind cyber-espionage behemoth to last".
  4. "'Sophisticated' new Chinese hacking tool found, US warns allies". March 2022.
  5. "Daxin: Stealthy Backdoor Designed for Attacks Against Hardened Networks". prod-blogs-ui.client-b1.bkjdigital.com. Retrieved 2024-07-22.
  6. Moshe, Tal. "Daxin - Backdoor Designed for Attacks Against Hardened Networks". Cymulate. Retrieved 2024-07-22.
  7. "Daxin: Stealthy Backdoor Designed for Attacks Against Hardened Networks". prod-blogs-ui.client-b1.bkjdigital.com. Retrieved 2024-07-22.