Summary:
It has been discovered that an unidentified cyber espionage group from China, commonly referred to as 'Evasive Panda', was involved in a covert operation that disseminated the MsgBot malware via an automatic update for the Tencent QQ messaging application. Since 2012, Evasive Panda, a cyber espionage group, has been active in carrying out targeted attacks on entities and individuals across mainland China, Hong Kong, Macao, Nigeria, as well as several nations situated in Southeast and East Asia. It has been discovered by security researcher that the operation began in 2020. The cyber-attack campaign appears to have primarily targeted a particular international non-governmental organization (NGO), with the majority of its victims situated in the provinces of Gansu, Guangdong, and Jiangsu. This implies that the attackers had a specific and targeted goal in mind.