Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

BaoLoader

China-linked APT used DNS poisoning to deliver MgBot backdoor, Kaspersky says

Cybercrime, News, Research, Risk

December 26, 2025

Kaspersky linked a China-aligned APT known as Evasive Panda to a campaign from November 2022 to November 2024 that used DNS poisoning to deliver an MgBot backdoor to targets in Türkiye, China and India, employing staged loaders, custom encryption and host-specific payloads.
Acronis warns of ongoing ‘TamperedChef’ malvertising campaign using signed fake installers

Cybercrime, News, Research, Risk, Vulnerabilities

November 20, 2025

Acronis Threat Research Unit says operators are using signed counterfeit installers in a global malvertising campaign dubbed TamperedChef to deploy a JavaScript backdoor, with infections concentrated in the U.S. and several industries affected; some variants have been used for advertising fraud while broader motives remain unclear.

About
Editorial Policy
Privacy
Contact