In one of the most technically sophisticated cyber espionage campaigns uncovered in 2025, researchers have attributed a long-running malware distribution effort to a China-linked advanced persistent threat (APT) group dubbed “Evasive Panda.” The group used DNS poisoning, a rarely seen but highly effective tactic, to hijack legitimate internet traffic and deliver the stealthy MgBot backdoor to systems in Türkiye, China, and India over a multi-year period. Security analysts warn that the campaign’s combination of network-level manipulation, custom encryption, and multi-stage infection chains represents a significant escalation in how state-aligned threat actors compromise targets and maintain persistence.

What Is Evasive Panda?

Evasive Panda is a China-aligned state-sponsored advanced persistent threat group that has been active since at least 2012. Cybersecurity firms, including Kaspersky, ESET, and Volexity, have tracked this group under names such as Bronze Highland, Daggerfly, and StormBamboo. Its activities have historically focused on targeted espionage, especially against strategic sectors and high-value targets.

Unlike opportunistic cybercriminals, APT groups like Evasive Panda are known for long-term, stealthy operations. They often maintain undetected access for months or years, harvesting data and building a foothold within networks to enable continued intelligence collection. In this recent campaign, the group’s use of DNS poisoning illustrates an increasingly unconventional approach to initial compromise and payload delivery.

Understanding DNS Poisoning and AitM Attacks

At the core of this campaign is Domain Name System (DNS) poisoning, a technique in which adversaries manipulate DNS resolution responses so that requests for legitimate domains instead point to attacker-controlled infrastructure. In practice, this allows attackers to serve malicious content under the guise of trusted services.
Security researchers emphasize that DNS poisoning is different from typical malware delivery vectors, such as phishing or exploiting software vulnerabilities, because it operates at the network level, intercepting and corrupting traffic before it reaches its intended destination. In this campaign, Evasive Panda is believed to have used adversary-in-the-middle (AitM) techniques to alter DNS responses routed through select internet service providers (ISPs) or compromised edge network devices. By controlling DNS resolution for specific domains, including popular services and legitimate update endpoints, the attackers could covertly redirect victims to malicious servers that hosted malware, while the victims believed they were interacting with legitimate services. The poisoned answer itself contains nothing malicious: it simply sends a client that asked for a legitimate host name to an address the attacker controls, and everything after that depends on whether the client verifies what it receives.

Campaign Timeline and Target Regions

According to Kaspersky’s threat intelligence, the Evasive Panda campaign spanned two years, from November 2022 through November 2024. During this period, the group executed highly targeted attacks against systems across Türkiye, China, and India. Because the campaign leveraged tailored DNS responses based on the victim’s geographic location and ISP, the attackers were able to ensure that only select systems resolved specific domains to malicious infrastructure. This sort of selective targeting highlights the advanced planning and resource commitment behind the operation. It also complicates detection: an analyst who resolves the same domain from a different network or ISP receives the legitimate address and sees nothing wrong.

How the Infection Chain Worked

1. Poisoned DNS for Software Updates

Evasive Panda’s attackers injected malicious DNS records that redirected update requests from legitimate software to attacker-controlled servers. In several observed cases, the domains associated with popular third-party software, such as SohuVA, Baidu’s iQIYI Video, IObit Smart Defrag, and Tencent QQ, were manipulated so that update installers fetched malware instead of legitimate updates.
This technique took advantage of insecure update workflows that did not enforce strong code signing or validation, allowing the adversary to drop payloads disguised as routine software updates. A poisoned DNS answer on its own is not enough: an updater that fetches over TLS with certificate validation, or that verifies a vendor signature on the downloaded package before running it, rejects a substituted file regardless of where DNS pointed it. The abused updaters did neither.

2. Multi-Stage Loader Delivery

Once a victim’s system was redirected, the download process triggered a multi-stage infection chain:

- An initial loader was delivered through the poisoned DNS resolution.
- This loader executed shellcode that fetched an encrypted second-stage payload, disguised as a seemingly benign PNG image file and also delivered through manipulated DNS responses.
- To evade detection and thwart analysis, the attackers designed the second-stage payload so that it required unique decryption per victim. Using a combination of Microsoft’s DPAPI (Data Protection API) and the RC5 encryption algorithm, the payload was bound to the infected host’s specific configuration, making it difficult for defenders to inspect outside the target environment. DPAPI-protected data can only be decrypted under the same user or machine context that encrypted it, so a copy of the payload taken off the host cannot be unpacked in a sandbox; analysis needs the host itself or its DPAPI master keys.

3. Secondary Loader and MgBot Implantation

A secondary loader, consisting of a renamed Python executable, sideloaded a DLL file that decrypted and installed the final malware component, the MgBot backdoor. MgBot was then injected into a legitimate svchost.exe process to maintain stealth and persistence. Once deployed, MgBot provided the attackers with a powerful suite of espionage capabilities, including:

- Keylogging to capture user input.
- File harvesting to collect sensitive data stored on disk.
- Clipboard monitoring to capture clipboard contents.
- Audio stream recording.
- Credential theft from browsers and applications.

This modular design allowed Evasive Panda to tailor the malware’s functions to specific objectives while remaining hidden in the background for extended periods.

Technical Complications and Evasion Tactics

A notable element of this campaign was the attackers’ effort to make malware analysis and detection as difficult as possible.
By generating per-victim encrypted payloads and hiding malicious code within seemingly normal network transactions, Evasive Panda greatly increased the challenge for defenders attempting to reverse-engineer or capture the malware outside the infected host. The initial use of DNS poisoning also blunted controls that key on reputation: the update requests went to legitimate vendor domains rather than suspicious URLs or attachments, so domain and URL filtering had nothing to flag, and because each payload was encrypted per victim, signature-based scanners had little to match on until the final stage was decrypted in memory.

Impact and Broader Threat Landscape

While details about the specific victims and industries targeted remain limited, the campaign’s geographic scope, particularly in Türkiye, India, and China, suggests the group may have been focusing on political, economic, or strategic intelligence gathering. This aligns with how other China-linked APTs have operated historically.

Security community discussions highlight that DNS poisoning is still a relatively underutilized attack vector compared with phishing and exploit-based intrusions, but its effectiveness in bypassing defenses and exploiting core internet infrastructure makes it a worrying trend for defenders worldwide. Moreover, analysts note that multiple China-linked APT clusters, including groups known as LuoYu, BlackTech, TheWizards, Blackwood, PlushDaemon, and FontGoblin, have been observed using DNS manipulation techniques for malware distribution, indicating a broader shift toward network-level compromise tactics.

Why DNS Security Matters

This campaign underscores the importance of securing DNS infrastructure, which is often overlooked despite being foundational to internet operations. Attackers who control DNS responses can effectively undermine trust in legitimate services and deliver malware without a traditional software exploit or any social engineering; the only weakness they needed was an update client that trusted whatever server DNS handed it.
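Because the poisoning was selective, the practical first check for a defender is whether the answers their own resolver returns for vendor and update domains agree with resolvers reached over an independent path, and whether they fall inside the address space the vendor is known to use. The following script is an added example written for this article, not a Kaspersky tool or anything from the campaign reporting. The domain names (update.example, cdn.example, portal.example), the resolver labels, the RFC 5737 addresses and the baseline prefixes are all constructed sample data; in use, the answer sets would be filled from explicit queries to each resolver (for example `dig @<resolver-ip> <name> +short`, or a DoH client).

```python
"""Cross-resolver consistency check for vendor/update domains.

Added example (not from the original article or from any vendor tool).
Poisoning applied selectively, at one ISP or one edge device, produces
answers that disagree with resolvers reached over an independent path and
that fall outside the address space the vendor normally uses. All answers,
domain names and resolver labels below are constructed sample data.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    domain: str
    resolver: str
    answers: tuple
    reason: str


def _in_prefixes(ip, prefixes):
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(p) for p in prefixes)


def check_domain(domain, answers_by_resolver, trusted_resolvers, baseline_prefixes=None):
    """Compare one domain's A/AAAA answers across resolvers.

    answers_by_resolver: {resolver_label: set of IP strings}, collected by
        querying each resolver explicitly.
    trusted_resolvers: labels of resolvers reached over DoH/DoT outside the
        local ISP path, so a local-only AitM cannot rewrite their answers.
    baseline_prefixes: CIDRs the vendor is known to serve from; when given
        they are the authoritative test and geo-DNS differences are ignored.
    """
    findings = []
    if baseline_prefixes:
        for resolver, answers in answers_by_resolver.items():
            bad = tuple(sorted(ip for ip in answers if not _in_prefixes(ip, baseline_prefixes)))
            if bad:
                findings.append(Finding(domain, resolver, bad,
                                        "answer outside vendor baseline prefixes"))
        return findings
    # No baseline known: fall back to agreement with the independent resolvers.
    # Geo-DNS can also make answers differ, so treat this as a lead, not proof.
    trusted_union = set().union(
        *(answers_by_resolver.get(r, set()) for r in trusted_resolvers))
    for resolver, answers in answers_by_resolver.items():
        if resolver in trusted_resolvers or not answers or not trusted_union:
            continue
        if answers.isdisjoint(trusted_union):
            findings.append(Finding(domain, resolver, tuple(sorted(answers)),
                                    "no overlap with independent resolvers"))
    return findings


# Hypothetical labels for resolvers queried over DoH, outside the ISP path.
TRUSTED = {"doh:resolver-a", "doh:resolver-b"}

# Constructed sample answers (RFC 5737 documentation addresses).
SAMPLE_ANSWERS = {
    "update.example": {                    # selectively poisoned at the local ISP
        "local-isp": {"203.0.113.7"},
        "doh:resolver-a": {"198.51.100.10"},
        "doh:resolver-b": {"198.51.100.10", "198.51.100.11"},
    },
    "cdn.example": {                       # geo-DNS: different but legitimate
        "local-isp": {"198.51.100.40"},
        "doh:resolver-a": {"198.51.100.41"},
        "doh:resolver-b": {"198.51.100.41"},
    },
    "portal.example": {                    # no baseline known; disagreement only
        "local-isp": {"203.0.113.9"},
        "doh:resolver-a": {"192.0.2.5"},
        "doh:resolver-b": {"192.0.2.5"},
    },
}
BASELINE = {
    "update.example": ["198.51.100.0/24"],
    "cdn.example": ["198.51.100.0/24"],
}


def run_sample():
    findings = []
    for domain, answers in SAMPLE_ANSWERS.items():
        findings.extend(check_domain(domain, answers, TRUSTED, BASELINE.get(domain)))
    return findings


if __name__ == "__main__":
    for f in run_sample():
        print(f"{f.domain}: {f.resolver} -> {', '.join(f.answers)} ({f.reason})")
```

On the sample data the local ISP resolver is flagged for update.example (its answer is outside the vendor's prefixes) and for portal.example (it disagrees with both independent resolvers), while cdn.example produces no finding even though the answers differ, because every address is inside the baseline. The independent resolvers must be reached over DoH or DoT; a device that can rewrite plaintext DNS for the local path can rewrite a plaintext query to a public resolver just as easily.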
Experts recommend multiple defensive strategies to counter DNS-based threats, such as:

- Implementing DNSSEC to validate the authenticity of DNS responses. DNSSEC only helps for zones that are signed, and only where validation is performed on or close to the client; a stub resolver that simply trusts an upstream resolver gains nothing if that upstream is the point of manipulation.
- Monitoring DNS traffic for anomalies that indicate redirection or poisoning, for example answers for vendor domains that fall outside the vendor’s known address space or that disagree with independent resolvers.
- Using secure resolvers and encrypted DNS protocols like DoH (DNS over HTTPS) or DoT (DNS over TLS). Encryption protects the path to the resolver you chose; it does not make that resolver honest, so the resolver itself must sit outside the suspect network path.
- Segmentation and strict access controls on network infrastructure, especially at ISP and enterprise edges, since compromised edge devices were one of the suspected positions from which answers were rewritten.

These measures not only help defend against sophisticated APT campaigns but also reduce the risk of compromise through misconfigured or hijacked network services.

What Organizations Should Do Now

Cyber defenders can take proactive steps to mitigate similar threats:

- Harden DNS infrastructure: Adopt DNSSEC, encrypted DNS, and intelligent traffic filtering.
- Audit update mechanisms: Ensure software update processes enforce strict code signing and validation. This is the control that would have stopped this campaign outright: an update fetched over TLS with certificate validation and checked against a vendor signature before execution fails safely no matter what address DNS returned.
- Deploy network anomaly detection: Flag unusual redirect patterns or unexpected DNS behavior.
- Strengthen endpoint security: Use EDR tooling capable of detecting DLL sideloading and injection into svchost.exe, the techniques this chain relied on.
- Raise awareness: Train IT staff to recognize the potential for network-level compromise beyond traditional phishing or malware executables.

Conclusion

The Evasive Panda DNS poisoning campaign marks a significant escalation in the sophistication of state-linked cyber espionage operations. By manipulating core internet services and combining multi-stage malware delivery with encrypted payloads, this threat actor demonstrated a deep understanding of both network infrastructure and defensive gaps within targeted environments.

For organizations and governments alike, this incident highlights that cyber defense must evolve beyond endpoint protection to encompass network integrity, infrastructure security, and advanced detection capabilities, especially as threat actors increasingly leverage unconventional attack surfaces.
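As a closing worked example for the “Audit update mechanisms” recommendation above, the following models the difference between an update client that trusts DNS plus the download (what the abused updaters amounted to) and one that refuses plain HTTP and verifies the file against a digest obtained from an authenticated source. This is an added illustration, not code from the article or from any of the affected vendors. The host name update.example, the addresses, the installer bytes and the `fetch` callback that stands in for the network are all constructed so the check runs offline; with a real HTTPS client a poisoned answer would already fail at certificate validation, and the digest check additionally covers a compromised origin or CDN.

```python
"""Update download check that the abused updaters lacked.

Added example, not code from the article or from any affected vendor.
A DNS answer only chooses which server the client talks to; the update
survives substitution only if the client verifies what it received
independently of DNS. ``fetch`` is injectable so the logic runs offline;
installer bytes, host name and addresses are constructed sample data.
"""
import hashlib
import hmac
import urllib.parse


class UpdateRejected(Exception):
    pass


MAX_UPDATE_BYTES = 200 * 1024 * 1024


def fetch_verified_update(url, expected_sha256, fetch, max_bytes=MAX_UPDATE_BYTES):
    """Return the update bytes only if every check passes.

    expected_sha256 must come from an authenticated source, e.g. a manifest
    whose vendor signature was verified with a key shipped in the client,
    never from the same unauthenticated channel as the file itself.
    """
    parts = urllib.parse.urlsplit(url)
    if parts.scheme != "https":
        raise UpdateRejected(f"refusing non-HTTPS update URL: {url}")
    blob = fetch(url)
    if len(blob) > max_bytes:
        raise UpdateRejected(f"update exceeds {max_bytes} bytes")
    digest = hashlib.sha256(blob).hexdigest()
    # constant-time compare; a mismatch means the file is not what the
    # vendor published, whatever server DNS pointed us at
    if not hmac.compare_digest(digest, expected_sha256.lower()):
        raise UpdateRejected(f"digest mismatch for {url}: got {digest}")
    return blob


def vulnerable_update(url, fetch):
    """What the abused workflows amounted to: trust DNS and the download."""
    return fetch(url)


# --- offline simulation of a poisoned resolution path ------------------------
GOOD_UPDATE = b"MZ\x90\x00 legitimate installer (constructed sample)"
EVIL_UPDATE = b"MZ\x90\x00 first-stage loader (constructed sample)"
ORIGINS = {"198.51.100.10": GOOD_UPDATE,   # vendor's server
           "203.0.113.7": EVIL_UPDATE}     # attacker's server


def make_fetch(resolution):
    """Build a fetch() that routes by a resolver's answers ({host: ip})."""
    def fetch(url):
        host = urllib.parse.urlsplit(url).hostname
        return ORIGINS[resolution[host]]
    return fetch


def run_sample():
    host = "update.example"                      # hypothetical update host
    clean = make_fetch({host: "198.51.100.10"})
    poisoned = make_fetch({host: "203.0.113.7"})
    expected = hashlib.sha256(GOOD_UPDATE).hexdigest()
    results = {}
    # 1. the insecure client silently takes the attacker's file
    results["vulnerable_runs_loader"] = (
        vulnerable_update(f"http://{host}/setup.exe", poisoned) == EVIL_UPDATE)
    # 2. hardened client: plain HTTP is refused before any download
    try:
        fetch_verified_update(f"http://{host}/setup.exe", expected, poisoned)
        results["http_refused"] = False
    except UpdateRejected:
        results["http_refused"] = True
    # 3. hardened client on the poisoned path: wrong digest, file discarded
    try:
        fetch_verified_update(f"https://{host}/setup.exe", expected, poisoned)
        results["poisoned_rejected"] = False
    except UpdateRejected:
        results["poisoned_rejected"] = True
    # 4. hardened client on the clean path: update accepted
    results["clean_accepted"] = (
        fetch_verified_update(f"https://{host}/setup.exe", expected, clean) == GOOD_UPDATE)
    return results


if __name__ == "__main__":
    for check, ok in run_sample().items():
        print(f"{check}: {ok}")
```

The digest is the smallest authenticated check that still breaks the attack; a production updater should verify a vendor signature over the package (Authenticode on Windows) so that the expected value does not have to be distributed out of band for every release.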