Daxin (malware)
Daxin is a backdoor discovered in late 2021 by Symantec researchers. It is considered highly sophisticated and is suspected to have been used in espionage operations by the Chinese government for over a decade, targeting government agencies in Asia and Africa. It can be controlled from anywhere in the world, and its creators reportedly invested significant effort to make its communication blend in with network traffic.

Daxin comes in the form of a Windows kernel driver and exhibits technical sophistication previously unseen from such actors. It implements advanced communications functionality that provides a high degree of stealth and permits the attackers to communicate with infected computers on highly secured networks. Daxin is capable of hijacking legitimate TCP/IP connections, exchanging digital keys with a remote peer, and opening encrypted communication channels for receiving commands and sending information back to the remote source. These capabilities suggest the attackers invested significant effort into developing communication techniques that can blend in unseen with normal network traffic on the target's network.
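A kernel-mode implant that hijacks an existing, legitimate TCP connection can answer a remote peer before the user-mode service on that port ever sees the bytes, which is what makes the traffic blend in at the network level. One host-independent way for a defender to surface candidates is to correlate network flow records against the service's own access log and look for inbound flows that carried data out but for which the application recorded no request. The Python below is an added illustration of that correlation, not code from the Symantec analysis or from any Daxin sample; the flow CSV, the access-log format, the IP addresses and the 10-second matching window are all constructed assumptions.

```python
import csv
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from io import StringIO

# Constructed sample data: flow records as a network sensor might export them
# (start,src,dst_port,bytes_in,bytes_out) for a host serving HTTPS on 443.
FLOW_CSV = """\
start,src,dst_port,bytes_in,bytes_out
2022-02-28T10:00:01Z,203.0.113.5,443,1200,5400
2022-02-28T10:00:07Z,198.51.100.9,443,900,4100
2022-02-28T10:01:30Z,203.0.113.77,443,3100,92000
2022-02-28T10:02:00Z,198.51.100.9,443,0,0
"""

# Constructed sample data: the web server's own access log
# (time src method path status). Assumed format, not a real server's.
APP_LOG = """\
2022-02-28T10:00:01Z 203.0.113.5 GET /index.html 200
2022-02-28T10:00:08Z 198.51.100.9 GET /login 200
"""


@dataclass(frozen=True)
class Flow:
    start: datetime
    src: str
    dst_port: int
    bytes_in: int
    bytes_out: int


@dataclass(frozen=True)
class AppRequest:
    when: datetime
    src: str


def parse_time(s: str) -> datetime:
    # Timestamps are assumed to be UTC with a literal trailing "Z".
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def parse_flows(text: str) -> list:
    return [
        Flow(parse_time(r["start"]), r["src"], int(r["dst_port"]),
             int(r["bytes_in"]), int(r["bytes_out"]))
        for r in csv.DictReader(StringIO(text))
    ]


def parse_app_log(text: str) -> list:
    requests = []
    for line in text.splitlines():
        if not line.strip():
            continue
        when, src, *_ = line.split()
        requests.append(AppRequest(parse_time(when), src))
    return requests


def unaccounted_flows(flows, requests, port=443,
                      window=timedelta(seconds=10), min_bytes_out=1):
    """Return flows to `port` that sent data back to the peer but have no
    application-level request from the same source within `window` of the
    flow start. Flows with no outbound data (scans, aborted handshakes) are
    skipped; the rest are sorted so the chattiest unexplained flow comes first."""
    found = []
    for f in flows:
        if f.dst_port != port or f.bytes_out < min_bytes_out:
            continue
        explained = any(
            r.src == f.src and abs(r.when - f.start) <= window for r in requests
        )
        if not explained:
            found.append(f)
    found.sort(key=lambda f: f.bytes_out, reverse=True)
    return found


if __name__ == "__main__":
    for f in unaccounted_flows(parse_flows(FLOW_CSV), parse_app_log(APP_LOG)):
        print(f"unexplained flow from {f.src} at {f.start.isoformat()}: "
              f"{f.bytes_in} B in, {f.bytes_out} B out")
```

On the constructed data the two ordinary visits match their access-log entries, the zero-byte connection is skipped, and the 92 kB flow from 203.0.113.77 is reported because the web server never logged a request from it. The output is a triage list, not a verdict: a failed TLS handshake or a client that disconnects before sending a request also leaves a flow with no matching application record, so the heuristic is most useful when the window, the byte threshold and the source reputation are tuned to the environment.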

