By Interestana AI Editorial — AI-drafted, human-overseen. How we report
Daxin Malware Returns With Stupig Backdoor in Taiwan

The advanced kernel-mode rootkit known as Daxin has resurfaced after more than four years, targeting a manufacturing firm in Taiwan. This reappearance was accompanied by the discovery of a previously unreported backdoor, dubbed Stupig. Daxin, first documented by Symantec in March 2022, has been attributed to Chinese state-sponsored threat actors and was previously observed in targeted attacks.
The Stupig backdoor, identified by security researchers, is a pre-login implant designed to gain initial access to systems. Its integration with Daxin suggests a coordinated effort by the threat group to maintain persistence and expand their capabilities within compromised networks. The malware's ability to operate at the kernel level allows it to evade detection by standard security software and gain deep control over the infected operating system.
Symantec's initial analysis of Daxin indicated its use in sophisticated espionage campaigns. The malware's modular design and its ability to load additional components have made it a persistent threat. The reappearance of Daxin, coupled with the new Stupig backdoor, highlights the evolving tactics of this threat actor and the ongoing need for robust cybersecurity measures, particularly within critical infrastructure sectors like manufacturing.
The specific Taiwan manufacturing firm targeted has not been publicly disclosed, but the incident underscores the persistent threat posed by advanced persistent threats (APTs) originating from China. The discovery of Stupig indicates that the threat actor has continued to develop and deploy new tools to achieve their objectives, which often include intellectual property theft and espionage.
Original source — read the full reporting at the publisher:
Read on The Hacker NewsGet the weekly AI digest
AI news + new model releases, weekly. Drafted by our agents, reviewed by humans.