StormBamboo Compromises ISP to Spread Malware via Updates
Briefly

StormBamboo, also known as Evasive Panda, Daggerfly, or Bronze Highland, is a China-aligned cyberespionage group that has been targeting organizations aligned with Chinese interests since 2012. It has a history of compromising infrastructure, leveraging watering hole attacks, and running supply chain attacks to infect targets with custom malware for Windows, macOS, and Android.
The group compromised an ISP and took control of its DNS responses to serve malicious payloads alongside legitimate software updates. This DNS manipulation allowed them to discreetly redirect computers' requests to attacker-controlled IP addresses. StormBamboo's attacks span mainland China, Hong Kong, Macao, Nigeria, Southeast Asia, East Asia, the U.S., India, and Australia.
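A defender-side check for the DNS redirection described above, as an added example that is not from the original article: it scans resolver logs for update hostnames whose answers fall outside the networks they are expected to resolve into. The hostnames, networks, and log format are constructed assumptions.

```python
import ipaddress

# Constructed allowlist (assumption): networks each update hostname
# is expected to resolve into, maintained by the defender.
EXPECTED_NETS = {
    "updates.vendor.example": ["198.51.100.0/24"],
    "dl.player.example": ["203.0.113.0/25"],
}

# Constructed resolver log: "<timestamp> <client> <qname> <answer-ip>"
SAMPLE_LOG = """\
2024-08-05T10:00:01Z 10.0.0.12 updates.vendor.example 198.51.100.20
2024-08-05T10:00:07Z 10.0.0.12 dl.player.example 203.0.113.40
2024-08-05T10:02:13Z 10.0.0.31 updates.vendor.example 192.0.2.77
2024-08-05T10:02:15Z 10.0.0.31 www.other.example 192.0.2.10
malformed line
2024-08-05T10:03:00Z 10.0.0.44 DL.Player.Example. 203.0.113.200
"""


def find_redirected_updates(log_text, expected=EXPECTED_NETS):
    """Return (timestamp, client, host, ip) for every answer to a watched
    update hostname that lies outside all of its expected networks."""
    nets = {h: [ipaddress.ip_network(n) for n in ns] for h, ns in expected.items()}
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not match the assumed format
        ts, client, qname, answer = parts
        # DNS names are case-insensitive and may carry a trailing root dot.
        host = qname.rstrip(".").lower()
        if host not in nets:
            continue  # not an update hostname we track
        try:
            ip = ipaddress.ip_address(answer)
        except ValueError:
            continue  # answer field is not an IP address
        if not any(ip in net for net in nets[host]):
            alerts.append((ts, client, host, str(ip)))
    return alerts


if __name__ == "__main__":
    for alert in find_redirected_updates(SAMPLE_LOG):
        print("unexpected answer for update host:", *alert)
```

Vendors that serve updates from CDNs change addresses often, so the allowlist needs regular refreshing and an alert is a lead to investigate rather than proof of tampering.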
Read at TechRepublic