Taidoor Malware Used by Chinese Government Actors

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Department of Defense have published a malware analysis report (MAR) about a malware variant used by Chinese government cyber actors, which is known as TAIDOOR. The FBI has high confidence that Chinese government actors are using malware variants in conjunction with proxy servers to maintain a presence on victim networks and to further network exploitation. CISA, FBI, and DoD are distributing this MAR to enable network defense and reduce exposure to Chinese government malicious cyber activity. Read the MAR at CISA.

Additionally, CISA encourages its partners to visit its Chinese Malicious Cyber Activity webpage for more technical information on the tactics, techniques, and procedures used by Chinese government actors.