Daggerfly: Espionage Group Makes Major Update to Toolset
July 23, 2024, 2:15 p.m.
Description
An advanced persistent threat (APT) group, known as Daggerfly or Evasive Panda, has significantly updated its malware arsenal. The group has introduced new versions of its modular backdoor framework MgBot for multiple platforms, including Windows, Linux, macOS, and Android. Symantec researchers have also attributed the previously documented Macma macOS backdoor to Daggerfly based on shared code and infrastructure. Additionally, a new Windows backdoor named Suzafk has been identified as part of Daggerfly's toolkit. Recent attacks targeting organizations in Taiwan, a US NGO based in China, and telecoms operators in Africa demonstrate the group's continued espionage activities.
Date
- Created: July 23, 2024, 1:42 p.m.
- Published: July 23, 2024, 1:42 p.m.
- Modified: July 23, 2024, 2:15 p.m.
Indicators
Additional Information
- Central African Republic
- South Africa
- Taiwan
- China