Daggerfly

Also known as: BRONZE HIGHLAND, Daggerfly, Evasive Panda

Daggerfly is a People’s Republic of China-linked APT entity active since at least 2012. Daggerfly has targeted individuals, government and NGO entities, and telecommunication companies in Asia and Africa. Daggerfly is associated with exclusive use of MgBot malware and is noted for several potential supply chain infection campaigns. Symantec Daggerfly 2023 ESET EvasivePanda 2023 Symantec Daggerfly 2024 ESET EvasivePanda 2024

🌍 Country China
🎯 Incident Type Espionage
🧭 ATT&CK G1034
Government Individuals Universities

Targeted Victims

Hong Kong Malaysia India Taiwan Macao Nigeria

Introduction

Daggerfly is a People’s Republic of China-linked APT entity active since at least 2012. Daggerfly has targeted individuals, government and NGO entities, and telecommunication companies in Asia and Africa. Daggerfly is associated with exclusive use of MgBot malware and is noted for several potential supply chain infection campaigns. Symantec Daggerfly 2023 ESET EvasivePanda 2023 Symantec Daggerfly 2024 ESET EvasivePanda 2024

Activities and Tactics

Targeted Sectors: Government, Individuals, Universities

Country of Origin: πŸ‡¨πŸ‡³ China

Incident Type: Espionage

Suspected Victims: Hong Kong, Malaysia, India, Taiwan, Macao, Nigeria

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

Information pending cataloguing.

Attribution and Evidence

Country of Origin: China Additional attribution information pending cataloguing.

References

[1] MITRE ATT&CK MITRE ATT&CK entry [2] Symantec Daggerfly 2023 [3] ESET EvasivePanda 2023 [4] Symantec Daggerfly 2024 [5] ESET EvasivePanda 2024