New 'highly sophisticated' malware linked to Chinese cyberattackers

A leading cybersecurity firm says it has discovered a “highly sophisticated” piece of malware being used by Chinese hacking teams to attack government and critical infrastructure targets.

Symantec, a division of U.S.-based software designer and manufacturer Broadcom, said the earliest known sample of the malware, which has been dubbed Daxin, dates back to 2013, while Microsoft first documented the hacking tool in December 2013.

A report by the company’s Threat Hunter Team says Daxin is “without doubt” the most advanced piece of malware it has seen used “by a China-linked actor.” The unit says Daxin was discovered along with other hacking tools previously used by Chinese cyberattackers.

The hackers have deployed Daxin against “organizations and governments of strategic interest to China.” The malware permits the attackers to communicate directly with infected computers on highly secured networks where direct internet connectivity is not available, allowing them to extract data without raising suspicions.

Vikram Thakur, a technical director with Symantec, told Reuters that Daxin “can be controlled from anywhere in the world once a computer is actually infected.” Thakur said Daxin’s victims included high-level, non-Western government agencies in Asia and Africa, including justice ministries.